Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
614
Views
5
Helpful
4
Replies

Cannot ping external sites in PIX

rajamitra
Level 1
Level 1

‎10-05-2010 04:36 AM - edited ‎03-11-2019 11:50 AM

I cannot ping like "ping www.google.com" from PIX version 7.1

Please help...........

Labels:
72998-sh run bmo.txt.zip
0 Helpful
4 Replies 4

rmavila
Cisco Employee
Cisco Employee

‎10-05-2010 04:56 AM

Hi Debabrata,

Are you able to ping the isp i.e the next hop in the default route ? Also can you try to ping with the ip address of google.com not with the name.

0 Helpful

rajamitra
Level 1
Level 1
In response to rmavila

‎10-05-2010 04:58 AM

Yes I am able to ping ip addresses from the PIX it's only the hostname that is not pinging it gives this error..

Ping www.google.com

        ^

invalid input after the marker.

0 Helpful

rmavila
Cisco Employee
Cisco Employee
In response to rajamitra

‎10-05-2010 05:09 AM

So if i m not wrong you have your dns server outside. I can see an acces-list applied on the outside permitting only icmp. Permit the dns replies and see you are able to ping. Add the following access-list :

access-list outside_in extended permit ip host

0 Helpful

mirober2
Cisco Employee
Cisco Employee

‎10-05-2010 05:16 AM

Hi Debabrata,

Support for pinging with DNS names instead of IP addresses wasn't added until 7.2(1), per the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/p.html#wp1882586

If pinging with DNS names from the PIX is a requirement for you, you'll need to upgrade to 7.2(1) or higher.

Hope that helps.

-Mike

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card