11-23-2001 03:29 AM - edited 02-20-2020 09:55 PM
Hi,
For some reasons i don't know a client wants absolutely to ping pix interfaces.
I explain, from one interface of the pix he wants to ping through pix to to reach the other interface of the pix,
Or through a network ping the interface of pix not in regard with that network.
Is it possible cause i didn't find any document ?
and where can i find the related document ?
Regards
11-23-2001 06:47 PM
The icmp command can permit or deny ICMP requests directly to a PIX interface. Check out the command reference here.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/cmd_ref/gl.htm#xtocid162635
example usage:
icmp deny any echo-reply outside
Now about pinging an PIX interface from a different network (i.e. thru the PIX). It depends if there is an access list or conduit allow the request and reply.
11-24-2001 11:02 AM
i have the same problem,(i need this feature to ping every interface of the pix from my inside Network management station)every config that was i trying was not working. maybe you can provide a working example configuration or tell me what is wrong in my example.
Thanks
Thomas
PIX Version 6.1(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
access-list allow-all permit ip any any
ip address outside 192.168.20.200 255.255.255.0
ip address inside 192.168.10.200 255.255.255.0
global (outside) 1 interface
nat (inside) 1 192.168.10.0 255.255.255.0 0 0
access-group allow-all in interface outside
access-group allow-all in interface inside
icmp permit any outside
icmp permit any inside
12-19-2001 10:10 PM
Try to use only this command for your needs:
icmp permit any any
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: