From: MADMAN (dave@interprise.com)
Date: Fri Apr 11 2003 - 18:57:28 GMT-3
And you never will, the PIX only allows you to ping thru the PIX or
the closest interface, i.e. if your on the inside you can ping the PIX
inside interface but not the PIX DMZ or outside interface but you can
ping devices connected to those networks which is what you are describing.
Dave
George Zhang wrote:
> Hi Everyone,
>
> I have a question about PIX firewall. My PIX firewall is configured as
> below:
>
> Outside interface: 10.1.1.1
> DMZ Interface: 192.168.1.1
> Inside Interface: 172.16.1.1
>
> I have also configured access-lists and access-group on both Outside and DMZ
> interface to permit ICMP packets to go through.
>>From a host connected to the inside interface with IP address of 172.16.1.10,
> I can ping all hosts on the DMZ and outside interface.
> However, I can not ping the IP addresses of the Outside interface and DMZ
> interface themselves. What do I need to do so that I
> can ping the Outside interface and DMZ interfaces.
>
> Thanks for your help in advance.
>
> George Zhang
> CCIE#8903
>
>
-- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367I would rather have a German division in front of me than a French one behind me." --- General George S. Patton
This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:35:51 GMT-3