Cisco Community
English
Register
Announcing the Project Gallery! Click here to read community member deployment stories and share your projects!
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
271
Views
0
Helpful
0
Replies
Highlighted
faizanelahi
Beginner
Beginner
‎09-02-2019 04:34 AM
‎09-02-2019 04:34 AM

Firewall Virtual IP not pinging - After ACL

Hi,

We have a fortigate firewall where we have done one to one nat of local IP with public IP. We have a requirement of pinging a virtual IP (public IP) from the internal network. After configuring one policy it worked fine.

Later we have configured an access list to allow only one network to ping this VLAN and applied the acl on inbound direction of vlan. It worked fine but public IP (virtual IP of fortigate) stopped pinging.

My requirement is to ping both virtual IP and private IP from 10.10.200.0 network. If i remove the access list, virtual IP is pinging fine.

Below is my access list,

ip access-list extended DMZ

10 permit ip 10.10.200.0 0.0.0.255 any

20 permit ip 10.10.0.0 0.0.255.255 10.10.200.0 0.0.0.255

30 deny ip 10.10.0.0 0.0.255.255 10.10.0.0 0.0.255.255

40 permit ip any any

Could anyone suggest what is wrong here.

Thanks,

Labels:
Everyone's tags (1)
0 Helpful
Reply
Latest Contents
How to configure a management vlan while using GRE tunnel
Created by Zurattos on 08-11-2020 02:44 PM
0
0
0
0
Hello , I really need your help , how can I configure a management vlan for the switch while using GRE tunnel between two routers ? Best Regards 
Cisco Champion Radio: S7|E30 Taming Your AI/ ML Workloads wi...
Created by aalesna on 08-11-2020 10:22 AM
0
0
0
0
Cisco Champion Radio · S7|E30 Taming Your AI/ ML Workloads with Kubeflow   As organizations increasingly introduce machine learning (ML) capabilities to their existing products, their artificial intelligence (AI) projects and operations complexity g... view more
Cisco IOS-XE 17.3.1 – Catalyst 9000 Switching Updates
Created by dhristov on 08-10-2020 11:56 AM
0
5
0
5
Cisco IOS-XE 17.3.1 – Catalyst Switching Updates   Table of Contents IOS-XE 17.3.1 Hardware Additions since IOS-XE 17.2.1 Key Summary Features Platform and Infra Features High Availability Features Routing / MPLS / VPN Features Security Features &nbs... view more
Identify traffic flowing through the IPSec Tunnel
Created by techjoe.2 on 08-07-2020 10:25 PM
0
0
0
0
Hi Everyone,I have 2 queries1. After we configure the IPSec VPN in a Cisco Router, how do we identify and check that the traffic is flowing        through the tunnel? Are there any commands and ways to find it out?2. What are some of t... view more
S7|E29 Increase Visibility and Enhance Security with Cisco A...
Created by aalesna on 08-04-2020 10:18 AM
0
0
0
0
Cisco Champion Radio · S7|E29 Increase Visibility and Enhance Security with Cisco AI Endpoint Analytics   Cisco is on a journey to making networking smarter with artificial intelligence and machine learning. The latest stop in this journey, Cisco AI... view more
Content for Community-Ad