Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
5
Helpful
1
Replies

Ping from inside segment to PIX Outside interface

msocarras
Level 1
Level 1

‎07-27-2004 02:10 PM - edited ‎02-20-2020 11:32 PM

Hi!

For monitoring purposes I want to be able to ping from an inside host to the PIX outside and DMZ interfaces. However it is not working although I configured the PIX to respond to ICMP request through all the interfaces. I placed a debug icmp trace and I can see the the PIX receives the echo request but the doesnt reply. I also tried pinging from a DMZ host toward the inside interface. In that escenario I configured an Static translation for the inside interface, I created the ACL and I configured the ICMP replies. Again I see the ICMP request but the debug shows no replies.

Is it that the PIX cannot reply to echos comming from a host that is not directly connected to the destination interface? It seems that the PIX can only respond to echos that are generated by a host connected to each interfaces, but not if the echo is traversing the PIX and reaching any other interface.

Thanks for your help.

Mario

0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎07-27-2004 04:21 PM

Hi,

You can't ping the next hop interface of the PIX (by design). e.g. from inside network you can only ping inside interface and not the outside interface. Even if you create static translation the rule still implies.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card