JamesLuther Tue, 02/17/2009 - 04:57
User Badges:
  • Silver, 250 points or more


On PIX ICMP isn't stateful so you need to add a rule for the reply traffic liek so

access-list 101 extended permit icmp any any echo-reply

You can also tie down the "any any" to the subnets in question (remembering this is the reply traffic!!!)


ciscosrini369 Wed, 02/18/2009 - 01:52
User Badges:


By default from high security level to lower security level icmp will be blocked, u need to apply acl for the same.


This Discussion