Firewall 515E Can't Ping Interface

Charlie Mayes · ‎11-24-2008

Hello Guys,

I am new the whole Cisco firewall thing but do know routing and switching some what. I have assigned the config below on my firewall and a ip of 192.168.1.3 on my switch which is plugged into my interface. I can not ping the firewalls interface from the firewall ( interface E1) nor my vlan interface in my switch plugged into my inside interface port. My config is below. Please help. Thanks.

Ping Error

CharlesPIX# ping 192.168.1.1

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

?????

Success rate is 0 percent (0/5)

Firewall Config

!

hostname ChuckPIX

enable password 2KFQnbNIdI.2KYOU encrypted

names

!

interface Ethernet0

shutdown

nameif outside

security-level 0

no ip address

!

interface Ethernet1

nameif inside

security-level 100

ip address 192.168.1.1 255.255.255.0

!

interface Ethernet2

shutdown

nameif DMZ

security-level 50

no ip address

!

interface Ethernet3

shutdown

no nameif

no security-level

no ip address

!

interface Ethernet4

shutdown

no nameif

no security-level

no ip address

!

interface Ethernet5

shutdown

no nameif

no security-level

no ip address

!

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

pager lines 24

mtu outside 1500

mtu inside 1500

mtu DMZ 1500

no failover

no asdm history enable

arp timeout 14400

route inside 192.168.1.0 255.255.255.0 192.168.1.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd dns 192.168.1.10

dhcpd wins 192.168.1.9

dhcpd lease 10000

dhcpd ping_timeout 1000

dhcpd domain chuck.com

!

dhcpd address 192.168.1.11-192.168.1.254 inside

dhcpd enable inside

!

class-map inspection_default

match default-inspection-traffic

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect netbios

inspect rsh

inspect rtsp

inspect skinny

inspect esmtp

inspect sqlnet

inspect sunrpc

inspect tftp

inspect sip

inspect xdmcp

!

service-policy global_policy global

prompt hostname context

Cryptochecksum:d6f4b30b91f23020303a553ce4f214a8

: end

massimiliano.serafino · ‎11-24-2008

Hi,

Why do you have route inside 192.168.1.0 255.255.255.0 192.168.1.1 1 ?

Best regards.

Massimiliano.

Charlie Mayes · ‎11-24-2008

I guess that would be wrong then right? What do I need to have?

when I removed it that route this is what it gave me as an error

ChuckPIX# ping 192.168.1.1

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

No route to host 192.168.1.1

ajagadee · ‎11-24-2008

Hi,

Do a show interface and make sure that the iterface e1 in up/up status. It looks like a L1/L2 issue.

Regards,

Arul

*Pls rate if it helps*

Charlie Mayes · ‎11-24-2008

I looked at that but everything seemed fine.

ajagadee · ‎11-24-2008

Interesting! Can you post the outputs of "show interface e1" and also "show route".

Regards,

Arul