Hi That is not possible with IOS 6.x.IOS version 6.x does not support IPsec over TCP.PIX 501 does not support IOS version 7.x.http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080645722.shtmlvisit this link.Th...
Thanx alvaresAs I can see udaya did permits for icmp on access-lists but it is another thing that hi can not ping on different interface like from PC on LAN to DMZ interface. The PIX firewall has a feature that block pings from host on LAN to DMZ or ...
yes you can not ping interface on pix firewall if you are not connected directely on that interface like if you are on lan you can ping inside interface if you are on dmz you can ping dmz interface but not from host on lan to dmz interface or outside...
OK I will giv you an example if dmz have ip address 172.25.12.1 and host on dmz have 172.25.12.2 if LAN ip address is 10.0.0.254 and host on LAN have 10.0.0.1you should make access-list on inside interface to permit icmp access-list test permit icmp ...
Hi If you whant to ping ip address on dmz or outside through pix firewall you should make access-list to allow or permit icmp protocol from LAN to DMZ.