Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
923
Views
0
Helpful
2
Replies

Access-List Problem in PIX

sameer
Level 1
Level 1

‎07-29-2002 10:36 PM - edited ‎02-20-2020 10:11 PM

hi,

The problem tha i am facing is when i remove the access-list from the configration the PIX stop sending trafic out sided means internet stop working but the access-list that i want to remove has nothing to do with internet browsing as this is related to the VPN i.e; which trafic to encrypt and to which not .

I also had faced this problem at one of our customer , at that time the customer wants to allow the ping so what i did at that time

Access-list sam permit icmp any any.

but after issuing this commnad internet stop working.

has any one come this strange problem related to the access-list.

regards

sameer

0 Helpful
2 Replies 2

edadios
Cisco Employee
Cisco Employee

‎07-30-2002 08:54 PM

Whenever you are going to make config changes that are vpn related, wether access-list or crypto or isakmp commnads, you should first unapply the crypto map off the interface, otherwise, you experience this lock up of the interface.

"no crypto map mapname interface ifname".

Regards,

0 Helpful

mklaphek
Level 1
Level 1

‎07-31-2002 06:52 AM

If I understand you correctly, the problem isn't strange behavior of the access-list. You have to keep in mind that access-lists have implicit "deny all" as the last statement. Thus, whatever you don't explicitly permit is denied. That's whay when you put the ICMP access-list on you couldn't get to the Internet for browsing, etc.

Hope this helps

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card