I have a simple home network setup with Comcast as my ISP and I'm using a Cico Pix 515 as my router/firewall. I had to simplify it to rule out any other issues. My Cisco Pix 515 has a static Public IP address and I'm also running DHCP on it as well. Everything works ok as far as internet access, asdm, and releasing/renewing IPs. What I don't understand is why I can't ping my internal PC from the inside interface of my Pix firewall. I get the ping response of ????. I can ping my inside interface from my pc just fine. I also have ACL's in place as you can see from my config. Also, my window firewall is disabled on my pc. Anyone can tell me what I'm missing or what it can be. I also used another switch and had the same issue.
Result: input-interface: inside input-status: up input-line-status: up output-interface: inside output-status: up output-line-status: up Action: drop Drop-reason: (acl-drop) Flow is denied by configured rule
——————————– MYFIREWALL# ping 10.10.10.105 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.105, timeout is 2 seconds: ?????
Thanks for the response! I had just moved that to the subinterface to test something. Originally, I had the IP on the physical interface with no subinterface. I'll also run that config in another hour or 2 and let you know what happens.
Problem resolved. It was the firewall on my Windows 7 pc. Weird, I stopped and disabled the firewall service and even restarted afterwards and it wasn't getting ping responses. It wasn't until I created an inbound rul on the firewall to allow all icmp is when it started working. Thanks for all your help and advice.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...