The PIX doesn't do stateful inspection of ICMP packets as far as I'm aware, so if an echo-reply came in, even without an echo having first gone out, I would say the packet will be allowed in to the internal host.
Ok, you are right the pix does not perform stateful inspection on ICMP packets, but since there was not connection originated from the inside interface it should block the ICMP reply packet once it hits the outside interface.
For the icmp packets to cross the PIX it needs a translation rule and an access list rule to permit it. In your example, the translation rule is there with the static and you have specified the acl to allow the echo-reply in. My money would be on that the packet would be allowed in.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...