11-02-2005 04:16 AM - edited 02-21-2020 02:04 PM
Hi Everyone,
I hope I've posted this in the right place !
I'm a bit new to Cisco IOS, so please forgive me if I'm asking a stupid question !
We have a PIX 515E firewall 6.3(4)on which I've used the VPN wizard to set up a remote access VPN for the Cisco VPN client on the outside interface.
When I connect from home on my WinXP Pro SP2 laptop running Cisco VPN Client 4.0.5(C) I seem to be able to connect to most network resources (i.e file shares, I can RDP into servers etc) but I can't seem to be able to ping anything - I just get request times out.
I'm sure it's something stupid I've done (or not done).
I've attached my config, and would be grateful if anyone could take a look and point me in the right direction.
Thanks in advance for your help,
Peter.
Solved! Go to Solution.
11-03-2005 12:12 AM
Hi Peter,
You need to add a line to the access-list inside_access_in:
enable
conf t
access-list inside_access_in permit icmp any any
exit
write mem
Kind Regards
Cathy
11-02-2005 07:31 AM
Hi Peter,
It isn't immediately obvious which of the ACLs you are using for your remote clients, but the problem might lie with not allowing ICMP echo-reply back out.
Prior to PIX 7 there is no ICMP inspection engine, so you need to explicitly allow return traffic.
HTH
Cathy
11-02-2005 08:13 AM
Hi Cathy,
Thanks very much for your reply.
What you've said sort of makes sense to me !(as I said, I'm relatively new to Cisco), but I'm not entirely sure how to implement it !
Can you tell me where I would need to go in the SDM to enable this for my VPN, or what command I would use at the command line ?
Thanks,
Peter.
11-03-2005 12:12 AM
Hi Peter,
You need to add a line to the access-list inside_access_in:
enable
conf t
access-list inside_access_in permit icmp any any
exit
write mem
Kind Regards
Cathy
11-03-2005 02:56 AM
Hi Cathy,
Thanks very much - that worked great !
Cheers,
Peter.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide