unable to PING from inside to outside.

Answered Question
Dec 20th, 2007

I can ping internally no problem, I cannot get a ping (echo-reply?) from anywhere outside. If I ping a URL I get a DNS notice with the IP but no replys. I suspect it's a nating issue but can't figure it out.


Here's the config.. don't laugh it's a mess I'm supposed to clean up but... well.


Realevevent rules (I think, full config enclosed)



interface GigabitEthernet0/0

nameif Outside

security-level 0

ip address 172.32.1.2 255.255.255.0

!

interface GigabitEthernet0/1

nameif Inside

security-level 70

ip address 10.1.7.101 255.255.240.0


access-list Outside_access_in extended permit icmp any any


access-list Inside_access_in extended permit icmp any any

access-list Inside_access_in extended permit ip any any


nat-control

global (Outside) 1 63.85.131.8 netmask 255.255.255.255

global (DMZ) 1 interface

nat (Inside) 0 access-list nat0

nat (Inside) 1 0.0.0.0 0.0.0.0

nat (DMZ) 0 access-list nonat_dmz

nat (DMZ) 1 0.0.0.0 0.0.0.0


access-group Outside_access_in in interface Outside

access-group Inside_access_in in interface Inside


attached is the full confing.













Attachment: 
Correct Answer by husycisco about 9 years 2 months ago

Hi Richard

Try this


policy-map global_policy

class inspection_default

inspect icmp



Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
husycisco Thu, 12/20/2007 - 13:48

Hi Richard

Try this


policy-map global_policy

class inspection_default

inspect icmp



Regards

Actions

This Discussion