Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
1
Replies

Pix 525 Outside Interface is up but I cannot ping out..

dennis.powell
Level 1
Level 1

‎05-01-2007 02:00 PM - edited ‎03-11-2019 03:07 AM

On 4/30/07 the two Pix 525 were working just fine. I have PPTP and IPSec VPN access configured. Today I find that the outside interface on both are up but that I cannot ping to the PBR connected to the outside interface. the only change made today was replacing the old outside IPs with new ones. I am not sure if the problem existed this morning before the IP address change. Is there a way to diagnose what is happening here?

Thanks

Labels:
0 Helpful
1 Reply 1

Patrick Iseli
Level 7
Level 7

‎05-01-2007 04:45 PM

You need to permit ICMP in the outside access-list.

See: Handling ICMP Pings with the PIX Firewall

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

The PIX and the traceroute Command

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800e9312.shtml

example:

access-list 101 permit icmp any host YourPublicIP unreachable

access-list 101 permit icmp any host YourPublicIP time-exceeded

access-list 101 permit icmp any host YourPublicIP echo-reply

Note replace the <101> with your ACL name.

sincerely

Patrick

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card