10-24-2008 12:36 AM - edited 03-11-2019 07:02 AM
I have configured routed context in FWSM but it's not communication event with outside and inside directly connect router (MSFC). When I try to ping outside router IP address it show error in debug.
Denied ICMP type=0, code=0 from 192.168.15.5 on interface outside
I have configured IP any any and ICMP any any on both interfaces.
Solved! Go to Solution.
10-24-2008 09:01 AM
Hi,
Can you configure "icmp permit any outside" and then try pinging again and see if you get a response.
Regards,
Arul
*Pls rate if it helps*
10-27-2008 02:22 AM
As I said earlier in order to ensure that the Ping reply reaches FWSM you need to use "icmp permit any outside" command.
ACLs are only used for traffic through the FWSM .
Syed Iftekhar Ahmed
10-24-2008 09:01 AM
Hi,
Can you configure "icmp permit any outside" and then try pinging again and see if you get a response.
Regards,
Arul
*Pls rate if it helps*
10-24-2008 02:26 PM
Add the following
access-list 209 extended permit icmp any any
Syed Iftekhar Ahmed
10-26-2008 10:12 PM
I have already permited ICMP on both interfaces. but the problem is still there.
10-27-2008 01:03 AM
Are you pinging from the FWSM or from a host connected to inside interface?
If you are pinging from the FWSM and not "through" the fwsm the ping is permitted or denied based on the icmp command.
Use
icmp permit 0 0 outside
If it were a ping through the FWSM it would
be controlled via an ACL.
Syed Iftekhar Ahmed
10-27-2008 02:14 AM
I am Ping it from FWSM and ACL configured for ICMP on both intface (inside, outside).
10-27-2008 02:22 AM
As I said earlier in order to ensure that the Ping reply reaches FWSM you need to use "icmp permit any outside" command.
ACLs are only used for traffic through the FWSM .
Syed Iftekhar Ahmed
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: