cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1525
Views
0
Helpful
3
Replies

pinging pix interfaces

enock_moubongo
Level 1
Level 1

Hi,

For some reasons i don't know a client wants absolutely to ping pix interfaces.

I explain, from one interface of the pix he wants to ping through pix to to reach the other interface of the pix,

Or through a network ping the interface of pix not in regard with that network.

Is it possible cause i didn't find any document ?

and where can i find the related document ?

Regards

3 Replies 3

danrodri
Cisco Employee
Cisco Employee

The icmp command can permit or deny ICMP requests directly to a PIX interface. Check out the command reference here.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/cmd_ref/gl.htm#xtocid162635

example usage:

icmp deny any echo-reply outside

Now about pinging an PIX interface from a different network (i.e. thru the PIX). It depends if there is an access list or conduit allow the request and reply.

i have the same problem,(i need this feature to ping every interface of the pix from my inside Network management station)every config that was i trying was not working. maybe you can provide a working example configuration or tell me what is wrong in my example.

Thanks

Thomas

PIX Version 6.1(1)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

access-list allow-all permit ip any any

ip address outside 192.168.20.200 255.255.255.0

ip address inside 192.168.10.200 255.255.255.0

global (outside) 1 interface

nat (inside) 1 192.168.10.0 255.255.255.0 0 0

access-group allow-all in interface outside

access-group allow-all in interface inside

icmp permit any outside

icmp permit any inside

Try to use only this command for your needs:

icmp permit any any

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: