Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
248
Views
0
Helpful
1
Replies

static nats with ICMP (extendable)

adamtroxel
Level 1
Level 1

‎04-18-2008 09:13 AM - edited ‎03-05-2019 10:28 PM

Hi all

I have an issue I have never had to deal with.

I did the following to run our packets through an ssl accelerator box.

we had the following set up for our system:

ip nat inside source static 10.1.1.1 5.5.5.5

this allowed our services to be accessed easily. (8080, 443, and ICMP)

However - we needed to change it a bit to set up different ports for ssl acceleration so I needed to move to this:

no ip nat inside source static 10.1.1.1 5.5.5.5

ip nat inside source static tcp 10.1.1.1 443 5.5.5.5 443 extendable

ip nat inside source static tcp 10.1.1.1 8080 5.5.5.5 8080 extendable

Question: how do you get ICMP to work?

thanks!

Labels:
0 Helpful
1 Reply 1

tstanik
Level 5
Level 5

‎04-24-2008 10:39 AM

In PIX, ICMP is permitted by default, but PIX ping responses from its own interfaces can be disabled with the icmp command

icmp permit|deny [host] src_addr [src_mask] [type] int_name

Refer the below URL for the Handling ICMP Pings :

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml#topic2

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card