Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1410
Views
0
Helpful
3
Replies

PIX 501 and ICMP

mike.scaggs
Level 1
Level 1

‎03-26-2002 10:04 PM - edited ‎02-20-2020 10:00 PM

Hello

I have a new 501 that I have configured with my cable modem. I am using dhcp on the outside int with the ip address outside dhcp setroute command.

Okay I get an address and I can surf. The rest of the config is standard NAT stuff and the rest.

The issue is I can not ping through my firewall even though I can surf. Sounds like an ICMP issue right.

My access-list is as follows

access-list acl_out permit icmp any any

access-group acl_out in interface outside

Pretty basic stuff. My sh logg says I'm getting replies but no go on the inside. I also plugged the ole laptop direct into the cable modem to see if my ISP was filtering ICMP but it all worked out fine. Hummmmm

Sooo.. Does running dhcp on the outside int have an effect on access-lists? I do get an address and gateway. BTW: I can not ping from the PIX console either. Pretty wierd.

Can you help me????

Thanks Mike

0 Helpful
3 Replies 3

mike.scaggs
Level 1
Level 1

‎03-26-2002 11:35 PM

I figured it out. It was the IP Audit commands I had in ther for the IDS stuff. Thanks

0 Helpful

pthome
Level 1
Level 1

‎03-27-2002 01:47 AM

Hi Mike,

there's a icmp command in the Pix.

You should add icmp permit any outside or

something like that. Read the docs,

It's in there.

Peter

0 Helpful

ganhm
Level 1
Level 1

‎03-28-2002 01:34 AM

Try to add the outside and inside interface.

access-list acl_out permit icmp any any

access-group acl_out in interface outside

access-list acl_in permit icmp any any

access-group acl_in in interface inside

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card