cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
403
Views
0
Helpful
4
Replies

Unable to ping DMZ servers from FWSM

Rupesh Kashyap
Level 1
Level 1

Hi, I have 6500 switch having FWSM. I have configiure Context in that. I have configure many dmz servers having 10.52.65.x subnet & made policies in context. I am able to ping dmz servers from my inside n/w, but I am unable to ping these servers from FWSM login. I am able to ping the dmz interface. Any idea as I am thinkin NO role of ACL as I have initiated ping from FWSM module. Please help

ip address inside 10.52.64.4 255.255.255.128

ip address outside 10.52.64.132 255.255.255.128

ip address dmz01 10.52.65.132 255.255.255.128

icmp permit any inside

icmp permit any dmz01

4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Rupesh,

just a basic check if you are in multi-context you need to be on the right context.

each context is like a stand-alone FW

so do

sh context

changeto context

from where you should be able to ping DMZ servers

Hope to help

Giuseppe

Hi, I am able to ping dmz servers from any internal switches as I have allowed icmp on FWSM inside and dmz acl. But I am unable to ping the dmz servers , if login on fwsm.

sir, please help if any have any information on this.

Rupesh,

post your FWSM config for us to help you properly.

Francisco.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco