topic Re: Ping out problems. in Network Security

Ping out problems.

rschoon — Mon, 11 Mar 2019 09:39:54 GMT

I would be grateful if anyone can enlighten me with regards to what I am doing wrong in setting up my asas5510. I?m unable to ping out to the Internet from my DMZ or from the inside out to the internet. I can ping devices on the inside and I can ping from inside to devices in the DMZ. I?m also like to place my DNS server in the DMZ and unclear on DNS rewrites works or what needs to done to lace a dns server in the dmz .

Thanks

Re: Ping out problems.

hoogen_82 — Thu, 01 Mar 2007 08:55:34 GMT

Add another access-list

access-list outside_access_in extended permit icmp any x.x.x.x y.y.y.y

For ICMP alone you need to specify an acceslist on the outside interface to allow replies to come back...

HTH

Hoogen

Do rate if this helped 🙂

Re: Ping out problems.

jwalker — Thu, 01 Mar 2007 16:36:43 GMT

You can restrict ICMP even further if you only allow inbound echo replies instead of all inbound ICMP. This will prevent attackers from gleaning information using pings to your public range.