RE: [fw-wiz] firewall 501
From: Melson, Paul (PMelson_at_sequoianet.com)
Date: 10/01/04
- Previous message: Melson, Paul: "RE: [fw-wiz] Pass-through VPN"
- Maybe in reply to: Nelson Tolero: "[fw-wiz] firewall 501"
- Next in thread: Crissup, John (MBNP is): "RE: [fw-wiz] firewall 501"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Nelson Tolero" <nelson_tolero@ctlink.inc.com.ph>, <firewall-wizards@honor.icsalabs.com> Date: Fri, 1 Oct 2004 08:25:41 -0400
> im a new user of pix firewall and this is only my 1st time to
> configure the 501 pix my question guys is how do i allow the
> ping outside to the secure inside??? because in my case im
> connected to the internet but when I tried to ping the public
> site like www.yahoo.com or public ip address it say request
> time out even though i can surf the internet.
>
> ex.
> 203.319.21.xxx will be ping by 192.168.2.xxx
> ping www.yahoo.com by 192.168.2.xxx
ICMP isn't statefully tracked, so you must have a rule that allows the
response back through the outside interface.
access-list acl_out permit icmp any any eq echo-reply
access-group acl_out in interface outside
PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Melson, Paul: "RE: [fw-wiz] Pass-through VPN"
- Maybe in reply to: Nelson Tolero: "[fw-wiz] firewall 501"
- Next in thread: Crissup, John (MBNP is): "RE: [fw-wiz] firewall 501"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
