Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
360
Views
0
Helpful
2
Replies

PIX 501 Responding to Pings by default

smackieuk
Level 1
Level 1

‎08-07-2004 05:34 AM - edited ‎02-20-2020 11:33 PM

Hi. I've just added a PIX 501 to my network and have noticed that with the default configuration the Firewall is repsonding to external pings/ICMP. The firewall currently has a basic configuration using PAT and connected to a 837 Router. From reading the documents online it was my understanding that ICMP was blocked by default to the external/outside connection. Just in case I had accidentally adjusted any settings I reset back to default, tested again, and the PIX again responded to pings.

Can anyone confirm whether ICMP is supposed to be disabled by default, and what configuration should exist that does this ?

If ICMP is not blocked by default, can anyone suggest which ICMP types should be allowed in from the external connection e.g. echo-reply, time-exceeded, unreachable etc

Cisco PIX Firewall Version 6.3(3)

Cisco PIX Device Manager Version 3.0(1)

Thanks for any help,

Stuart.

0 Helpful
2 Replies 2

nkhawaja
Cisco Employee
Cisco Employee

‎08-07-2004 11:21 AM

Hi,

Do you mean that from inside, if you ping any outside address, you are getting a reply? or do you mean if you ping the outside interface address from outside you are getting a reply?

Thanks

Nadeem

0 Helpful

smackieuk
Level 1
Level 1
In response to nkhawaja

‎08-09-2004 02:08 PM

Hi Nadeem. If I ping my external/outside address from an external/outside network I get a reply.

Thanks,

Stuart.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card