01-26-2005 08:23 PM - edited 03-09-2019 10:08 AM
Hi all,
Does it need to set ACL to block the outside interface , because i want to outside interface not allow people to ping and so on ...... , pls advise
Stanley
01-26-2005 10:53 PM
Hi Stanley,
On PIX, by default users on outside interface are not able to ping or access the inside network. They will not even get any response if they try to ping their outside interface, because ICMP are by default blocked on all the interfaces of PIX.
To allow the outside users to ping outside users, put this ACL :
access-list acl_out permit icmp any Ip_addr_out_intf.
access-group acl_out in interface outside
If you want to ping internal users, then :
access-list acl_out permit icmp any any
access-group acl_out in interface outside
kindly update for further queries :
regards
aashish C
01-27-2005 06:48 AM
Hi aashish C ,
Thanks you for your information
Becuase i dont want outside interface give any poeple ping or access any port in my PIX
All my best
Stanley
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide