RE: [fw-wiz] firewall 501
From: Melson, Paul (PMelson_at_sequoianet.com)
To: "Nelson Tolero" <email@example.com>, <firstname.lastname@example.org> Date: Fri, 1 Oct 2004 08:25:41 -0400
> im a new user of pix firewall and this is only my 1st time to
> configure the 501 pix my question guys is how do i allow the
> ping outside to the secure inside??? because in my case im
> connected to the internet but when I tried to ping the public
> site like www.yahoo.com or public ip address it say request
> time out even though i can surf the internet.
> 203.319.21.xxx will be ping by 192.168.2.xxx
> ping www.yahoo.com by 192.168.2.xxx
ICMP isn't statefully tracked, so you must have a rule that allows the
response back through the outside interface.
access-list acl_out permit icmp any any eq echo-reply
access-group acl_out in interface outside
firewall-wizards mailing list