Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Traceroute Through PIX

I have a PIX with PIXOS 7.1.

I issue a traceroute from the inside host to an outside host and find that all hops behind the pix can not be seen.

There is an interface pat between inside and outside.

I have already configured

access-list outside permit icmp any any

access-list inside permit icmp any any

inspect icmp

inspect icmp error

But it doesn't work.

Can anyone give me a clue?

Thanks very much.

1 REPLY
Gold

Re: Traceroute Through PIX

try adding the following specific entries:

access-list outside permit icmp any any unreachable

access-list outside permit icmp any any time-exceeded

access-list outside permit icmp any any echo-reply

this assumes 'outside' is the acl applied to the outside interface.

111
Views
0
Helpful
1
Replies