Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

web server under PIX

My web server is alive and sitting behind PIX.

How to set on the firewall inorder to allow the outside users able to send the echo-reply to the web server and get a reply.By default the firewall doesn;t allow the echo reply on the webserver since I only only www trafic for the server.

1 REPLY
New Member

Re: web server under PIX

Simply apply a statement in the outside interface's access-list for icmp traffic to whatever registered IP address you've assigned the web server in the static nat.

Ie.

access-list 101 permit icmp any host 200.1.1.5 echo

access-group 101 in interface outside

Check out this URL as well regarding the icmp uses, both with an ACL and with the icmp permit/deny command for pinging the Pix's own interfaces.

http://www.cisco.com/warp/customer/110/31.html

223
Views
0
Helpful
1
Replies
CreatePlease login to create content