Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX inside to Outside..... connectivity

I would like to know how do I ping or reach from my LAN to the external interface of the PIX or to my valid IP range of addresses.

e.g If I need to expose a host on my internal network I would do a static mapping and then assign a conduit statement.but when I try to ping to the valid IP address assigned I am not able to do so.

I would like to mention that I am able to reach all other internet sites.

Is this a security feature of PIX FW or can we use a valid IP to ping from the LAN.

Can anybody help me in this regard.

Thanks.

5 REPLIES
New Member

Re: PIX inside to Outside..... connectivity

see page 6 -62 of the config guide.

build an acl and permit icmp any any

New Member

Re: PIX inside to Outside..... connectivity

Hello,

You cant ping your external static to your pix assigned IP-Adesses....we had this problem that we mapped a outside adress to a DMZ webserver...from external it was all reachable..but from internal only by the DMZ ip Adress of the webserver...

Solution: Install an internal DNS Server...or...try with "alias command" on PIX

permit icmp isnt very healthy at all ;) (disable it after you tested all)

BBB

New Member

Re: PIX inside to Outside..... connectivity

Thanks it worked.I got that.

Regards

Mahavir

New Member

Re: PIX inside to Outside..... connectivity

may be you need to define acl and gateway to the external addr.

New Member

Re: PIX inside to Outside..... connectivity

You can not ping the external interface of a PIX unless you specificly allow that with a conduit statement.

If you put a STATIC NAT in to assign an internal host with a public IP address then that public IP will be unavailable from your internal network.

Something to do with the PIX not allowing packets originating from the inside to hit the outside & then back to the same interface which the packets originated.

137
Views
0
Helpful
5
Replies
CreatePlease login to create content