cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
321
Views
0
Helpful
4
Replies

Regarding the internet traffic through Pix

We have configured the PIX firewall to act as a default gateway.......ICMP is working fine with access-list 102 ip any any internet is working fine but when we give access-list 102 permit TCP any any eq www and remove ip any any internet is not working

Any suggestion

Thanks

4 Replies 4

toyinsekoni
Level 1
Level 1

Hi,

Post your pix config let's see. With the permit any any www ACL you might just be allowing traffic to your internal web server. check you corresponding access-group command.

D

m.bheemanakunta
Level 1
Level 1

ICMP uses UDP.

Are you suggesting that ICMP is not working after modifying acl 102 or regular internet traffic is not working?

If ICMP only is not working, then you will have to add an explicit statement to permit icmp

access-list 102 permit icmp any any

--Chandan

Hi,

Can you clarify what is and isnt working? Can you hit IP's on port 80? If you only have port 80 open, you may also want to add a rule for outbound DNS queries to your NS servers for resolution.

Glen

Wilson Samuel
Level 7
Level 7

Hi,

You need to allow the HTTP and HTTPS for a smooth functioning of Internet access via PIX. Secondly to allow PING or Tracert to work you need to specify ICMP also along with HTTP / HTTPS

Regards,

Wilson Samuel

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: