My internal network which is 10.0.0.x (we?ll say 10) is connected to a Cisco 2620 router (2620) that NAT?s to 192.168.1.x (192 network is my enterprise firewall). I can ping out from the 10 network, but cannot ping from the 192 to the 10 network. When logged onto the 2620, I am able to ping, but I cannot ping to the 10 network when connected to the 192 network. This is creating problems as I am installing an intensive software application on the 10 network to received feedback from the firewall which is on the 192 network. The problem is that the 2620 is not allowing pings into my internal 10 network. I have no acl?s on the 2620 other than the access-list 7 permit for the nat?ing. Sorry this is very long, but I need a way to be able to ping the 192.168.1.x network on the firwall to the 10.0.0.x network which is behind the 2620. F0/0 is and F0/1 is Thanks.


Does fw have a route to 10 network?

Hi and thanks for the note. I was able to create a static route from the FW to the Cisco Router and I got a response. Thanks a bunch!

Are you trying to ping a 10.0.0.x address from the 192.168.1.x network ? If this is what you want then as per previous poster check routes on firewall.

But you say that the network is Natted to a 192.168.1.x address. From the looks of your access-list this looks like dynamic NAT.

If you want to be able to ping 10.0.0.x addresses by using 192.168.1.x addressing you will need to set up static NAT's on you router so that the same 10.0.0.x address is always translated to the same 192.168.1.x address.



