Thanks for the reply. I added the ACL's but they did not correct the issue. When I look at the ASDM, it shows an implicit rule that appears to be denying all incoming traffic on the outside interface. I don't see a way of eliminating this rule.

Please post your updated config.

here it is...

Can you also post a screen shot in ASDM of the ACL that's blocking? I don't see an ACL in the config (unless ADSM shows the default deny). Thanks.

here it is. Not sure if this implicit rule is supposed to be superceded by the explicit rule or not.

One other item to note is that when I try to ping the outside interface, I noticed in the log that I get the following denial...

"Deny IP spoof from xx.xx.xx.xx to on interface outside". I looked at my IP spoof settings and they are turned off.

Can you telnet/ssh into the box and enter the ACL I provided? I never use ADSM and can not speak intelligently about it or it's functionality.

Yes. I entered the ACL that way and the same result, I am unable to ping the outside interface, but I receive an IP spoofing error and the packets are dropped.

The access-list permitting icmp is to allow ICMP/ping packet to pass through firewall to the other segment/end.

The "icmp {permit | deny} ip_address net_mask [icmp_type] if_name " is the command used to allow PIX/ASA to response to ping when it's directed to its interface. You can specify different icmp message type, i.e echo, echo-reply, etc

The following example permits host 172.16.2.15 or hosts on subnet 172.22.1.0/16 to ping the outside interface:

hostname(config)# icmp permit host 172.16.2.15 echo-reply outside

hostname(config)# icmp permit 172.22.1.0 255.255.0.0 echo-reply outside

hostname(config)# icmp permit any unreachable outside