Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

pix 520

Hello,

i have a pix firewall running 5.1(4) , equipped with three interfaces ( inside ,outside ,dmz).

Two access lists have been created in order to let outside access inside andthey are ok :one on the outside interface ( direction in ) and another one on the DMZ interface ( direction in ) ,

i want to permit icmp traffic flowing through my pix interfaces

i have added the command:

conduit permit icmp any any echo-reply and still not able to ping ,

then i have added the command :access-list name permit icmp any any and applied to my outside and DMZ INTERFACE , and still have the same problem

any one could help

Thanks

Ali

3 REPLIES
Community Member

Re: pix 520

Hi!

Can you please be more specific? What is the source and destination of your pings?

Regards

Community Member

Re: pix 520

Hello,

from a pc onthe inside pix firewall interface ,i want to ping a station on the outside interface ,

or from a pc on the dmz interface i want to ping a station on the outside or the inside interface .

in brief i want to allow icmp traffic to flow through my pix interfaces.

Regards,

Ali.

Community Member

Re: pix 520

Hi!

Can i assume that all other traffic (IP, TCP or UDP) from INSIDE or DMZ hosts to OUTSIDE work fine and only ICMP is not working?

Use the "debug icmp trace" pix command and paste the output in here, if that's ok with you.

Regards

85
Views
0
Helpful
3
Replies
CreatePlease to create content