ICMP not keeping states? (PIX 6.3.3)
From: Michael (kdo-jh7_at_iximail.com.this.is.a.real.email.address.even.if.weird)
Date: 10/04/04
- Next message: GQ: "Network Config Advice (Slightly OT)"
- Previous message: jr: "Leythos & Lars"
- Next in thread: Wilykiote: "Re: ICMP not keeping states? (PIX 6.3.3)"
- Reply: Wilykiote: "Re: ICMP not keeping states? (PIX 6.3.3)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 04 Oct 2004 21:32:02 +0200
Good evening,
I am deploying a PIX 506. The external IP address is the internet, the
inside network is from the private ip scope.
The inside network has to be nated behing the external IP of the
gateway. This works fine.
I've got two access-lists applied on the appliance. On the inside
interface, I've got rules specifying what kind of services the inside
can reach. On the external interface, nothing.
Users from the inside network need to be able to ping the outside world.
But, the line in the acl applied on the inside interface allowss icmp
any_any... and it does not work!
What do I have to add to the PIX (6.3.3) to make sure the inside users
can ping the outside world?
Many many thanks,
/michael
- Next message: GQ: "Network Config Advice (Slightly OT)"
- Previous message: jr: "Leythos & Lars"
- Next in thread: Wilykiote: "Re: ICMP not keeping states? (PIX 6.3.3)"
- Reply: Wilykiote: "Re: ICMP not keeping states? (PIX 6.3.3)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
