Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 506E traffic forwading problem

Hi all,

We are using 1 PIX 506E and 1 2611 router, 1 3560-L3 switch.now i want to forward traffic from switch to PIX and then PIX to ROuter.i have connect pix & switch through 10.xx.xx.xx series ip and pix to router through 192.168.xx.xx series ip. from host or switch i m able to ping pix's inside interface but not to outside interface. from router also i can ping pix's outside ip but not to the inside ip. pls help us on this ASAP.ist very urgent.

3 REPLIES
Bronze

Re: PIX 506E traffic forwading problem

There are two options in PIX 7.x that allow inside users to ping hosts on the outside. The first option is to setup a specific rule for each type of echo message. Another option is to configure ICMP inspection.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

Gold

Re: PIX 506E traffic forwading problem

you can't ping the far side interface of a pix or asa...ever.

you can ping hosts on the other side of a pix/asa though - just follow the aforementioned link.

(you just have to allow echo-replies from the hosts you're trying to ping).

from an inside host, you should be able to ping the router though, once you allow echo-replies back into the network.

to ping from outside to inside, allow echo's into the network.

Cisco Employee

Re: PIX 506E traffic forwading problem

you cannot ping indirectly connected interfaces--thats by design

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a0080094874.shtml

Now coming over to your issue..from inside host behind the switch can you ping the default gateway of firewall ? if not then allow permit icmp any any in the outside accesss-group

118
Views
0
Helpful
3
Replies
CreatePlease to create content