Solved: Pinging inside interface on a Pix 501 from Outside Network

verbbbie2 · ‎06-15-2010

All

I have a Pix 501 firewall at a remote site that has an established IPSEC tunnel back to HQ. We have a monitor tool that pings remote sites to let us proactively know when a site goes down. I would like to set up this tool to ping the inside interface of the Pix like I can with the 871 routers; however I am unable to configure the Pix to allow the ICMP to the inside interface. I know by default that that the Pix does not allow ICMP to the opposite interface and I was wondering if someone could help me with a configuration that will allow this? I have attached my configuration from the pix!

Thanks

Brian

Federico Coto Fajardo · ‎06-16-2010

Hi,

Looking up the command tool, it seems the ''management-access'' command was introduced in version 6.3

I would recommend to upgrade to 6.3 if you have the option.

Federico.

View solution in original post

Federico Coto Fajardo · ‎06-15-2010

Hi,

If you enable the command ''management-access inside'', then you can PING the inside IP of the PIX from the other end of the tunnel.

Federico.

verbbbie2 · ‎06-16-2010

Thanks Federico that worked on most of my Pix Firewalls; how about for version 6.2? I don't see the managment-access command in the available commands!

Federico Coto Fajardo · ‎06-16-2010

Hi,

Looking up the command tool, it seems the ''management-access'' command was introduced in version 6.3

I would recommend to upgrade to 6.3 if you have the option.

Federico.