From: Gregory W. Posey Jr. (gposey@uaes.org)
Date: Tue Mar 29 2005 - 12:05:41 GMT-3
It is simply not allowed, as a feature of the firewall, to ping from one
network on the PIX to another interface on the PIX. While you can ping the
directly connected interface AND ping THROUGH the PIX (with appropriate
ACLs, etc.), you can't ping TO a PIX interface that is not directly
connected.
See -
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_qanda_item091
86a00801e9e26.shtml#q11
Thank you,
Greg Posey Jr.
CCIE #7981
CCSP, CCSI
M.S. EE
Danshtr writes:
> What the log shows you?
>
> Maybe it got somthing to do with NAT?
>
>
> On Tue, 29 Mar 2005 16:26:31 +0600 (IST), mohamed_n@sifycorp.com
> <mohamed_n@sifycorp.com> wrote:
>> Hi all,
>>
>> It looks a simplr problem, but iam unable to find the solution.
>>
>> The scenario is very simple.
>>
>> MY PC------(inside)PIX(outside)-----eth0
>>
>> I want to ping from my PC to PIX eth0-outside interface.
>>
>> I tried giving ACLs,icmp permit etc,no use.
>> ACL-
>> From eth0 of pix to My pc and vice versa.-applied in outside interface
>>
>> From eth0 of pix to My pc and vice versa- apllied in inside interface
>>
>> Icmp permit host My pc outside cmds--
>>
>> Nothing helped.
>> Please help me out
>>
>> Thanks
>> Mohamed.
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
>
> --
> Best regards,
> Dan
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:54 GMT-3