Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ICMP and PIX Firewalls

Fundamental issue here - must be me - I have a laptop plugged into the inside interface of my pix firewall (Pix 501). I have set up an ACL to deny icmp echo and icmp echo-reply FROM the laptop address TO the ip address of the inside interface. I have applied the ACL to the inside interface via an access-group command ("in"). And I can still ping the inside interface of the firewall from the laptop still. Debug icmp trace shows no hits. What am I doing wrong? Surely you can deny icmp in this way ?

2 REPLIES
Hall of Fame Super Blue

Re: ICMP and PIX Firewalls

Peter

acl's control traffic through the pix not to pix interfaces. Try

pix(config)# icmp deny any inside

Jon

New Member

Re: ICMP and PIX Firewalls

cheers Jon - that makes sense to me

111
Views
0
Helpful
2
Replies
CreatePlease to create content