Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
2
Replies

Want to block pinging to external interface of PIX

jamiesachs
Level 1
Level 1

‎09-04-2003 11:16 AM - edited ‎02-20-2020 10:58 PM

Hi

I want to prevent my external PIX interface from being "pinged". I removed the "conduit permit icmp any any" statement and added a "conduit deny icmp any any" command. Now I cannot ping anything on the Internet nor can anyone ping any of my NATed addesses but I can still ping my external PIX interface. What am I missing? Thanks

0 Helpful
2 Replies 2

scoclayton
Level 7
Level 7

‎09-04-2003 11:50 AM

Hi,

Conduits and Access-list only affect (effect, I can never remember) transit traffic. That is, traffic that is going *through* the PIX rather than *to* the PIX. I believe you are more interested in the 'icmp deny' command - http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.htm#1026574

Scott

0 Helpful

jamiesachs
Level 1
Level 1
In response to scoclayton

‎09-04-2003 12:13 PM

Beautiful, thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card