Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
386
Views
0
Helpful
1
Replies

ping FWSM own interface

enock_moubongo
Level 1
Level 1

‎06-17-2003 01:04 AM - edited ‎03-09-2019 03:42 AM

Hi all,

Is it possible to ping the far side of the FWSM ?

i mean is it possible to ping from outside the inside interface of the FWSM

or from the inside ping the outside interface of FWSM.

From http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

I read :

Pings to PIX's Own Interfaces

In PIX Software versions 4.1(6) until 5.2.1, ICMP traffic to the PIX's own interface is permitted; the PIX cannot be configured to not respond. You will not be able to ping interfaces on the "far side" of the PIX in any version. In our network diagram, you will be able to ping 10.1.1.1 from 10.1.1.5 or 200.1.1.1 from the outside, but you will not be able to ping 200.1.1.1 from 10.1.1.5, nor will you be able to ping 10.1.1.1, from the outside. Beginning in PIX Software version 5.2.1, ICMP is still permitted by default, but PIX ping responses from its own interfaces can be disabled with the icmp command (that is, a "stealth PIX").

Does it also apply to FWSM ?

Regards

Labels:
0 Helpful
1 Reply 1

sghosh
Level 1
Level 1

‎06-17-2003 09:36 AM

Hi,

You will not be able to ping the inside interface from outside.

But you will be able to ping the outside interface from outside and inside interface from inside, if you enable the following commands in FWSM.

icmp permit any inside

icmp permit any outside

Thanks

Sujit

0 Helpful
Customers Also Viewed These Support Documents