cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
809
Views
4
Helpful
1
Replies

ICMP's denied on Inside Interface on PIX

Kevin Melton
Level 2
Level 2

I have the inside interface of our PIX (172.17.1.2) configured as the default GW for my laptop. I have my laptop connected to a non L3 switch which is connected to the INside interface of the switch.

The ports on the switch are all in the same VLAN, including the laptop port and the port which connects to the inside interface of the PIX.

I cannot get a reply when i ping the Inside Interface of the PIX. I have the correct IP addresses and mask configured.

I do get the following output on the PIX when I run a "debug icmp trace":

Denied ICMP type = 8, code = 0 from 172.17.1.100on interface 1.

I have a "permit icmp 172.17.1.0 255.255.255.240 inside " statement configured on the PIX as well. I cannot figure out why is is denying the ICMP packet.

Any help would be welcomed here.

1 Reply 1

Farrukh Haroon
VIP Alumni
VIP Alumni

You mask does not cover .100. It only covers .0 to .15.

172.17.1.0 255.255.255.240

Change it to

permit icmp 172.17.1.0 255.255.255.0 inside

or

permit icmp 172.17.1.0 255.255.255.128 inside

Please rate if helpful.

Regards

Farrukh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: