Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Pix 525 Outside Interface is up but I cannot ping out..

On 4/30/07 the two Pix 525 were working just fine. I have PPTP and IPSec VPN access configured. Today I find that the outside interface on both are up but that I cannot ping to the PBR connected to the outside interface. the only change made today was replacing the old outside IPs with new ones. I am not sure if the problem existed this morning before the IP address change. Is there a way to diagnose what is happening here?

Thanks

1 REPLY

Re: Pix 525 Outside Interface is up but I cannot ping out..

You need to permit ICMP in the outside access-list.

See: Handling ICMP Pings with the PIX Firewall

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

The PIX and the traceroute Command

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800e9312.shtml

example:

access-list 101 permit icmp any host YourPublicIP unreachable

access-list 101 permit icmp any host YourPublicIP time-exceeded

access-list 101 permit icmp any host YourPublicIP echo-reply

Note replace the <101> with your ACL name.

sincerely

Patrick

227
Views
0
Helpful
1
Replies
CreatePlease to create content