cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


159
Views
0
Helpful
1
Replies
Highlighted
Beginner

PIX Access-List Troubles

Hello everyone.

I need to be able to ping from my internal network to the outside firewall port. At this point I can ping the inside just fine. When I ping from the computer to the outside firewall port I can see it registering on the firewall console in putty. But on the PC it comes back as request time out. I know I need to update the Access-list, im just not sure what command to use.

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Mentor

PIX Access-List Troubles

Hi,

You are not able to PING/ICMP the "outside" interface of the PIX from a host behind the "inside" interface. This is true for any Cisco firewall to my understanding.

The host sending ICMP Echo to an PIX interface IP address has to always be behind that interface. Basically hosts behind "inside" can PING the "inside" inteface IP address and hosts behind "outside" can PING the "outside" interface.

- Jouni

1 REPLY 1
Mentor

PIX Access-List Troubles

Hi,

You are not able to PING/ICMP the "outside" interface of the PIX from a host behind the "inside" interface. This is true for any Cisco firewall to my understanding.

The host sending ICMP Echo to an PIX interface IP address has to always be behind that interface. Basically hosts behind "inside" can PING the "inside" inteface IP address and hosts behind "outside" can PING the "outside" interface.

- Jouni