Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > pix, ping and nat-control

Reply
Thread Tools

pix, ping and nat-control

 
 
mstelles@gmail.com
Guest
Posts: n/a
 
      03-22-2006
Hi.

Im trying to let ping pass from one interface to another, with
nat-control disabled.

I created ACLs like these
access-list OUTSIDE line 1 extended permit icmp host <host A> host <pix
interface>
Then, I tried the command "icmp permit any"

After all this work and searchs with no success, I tried to configure
an inspect for icmp.

The icmp pkgs goes through the ACL OUTSIDE.

Any clues?

Thanks in advance.

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      04-01-2006
In article <(E-Mail Removed). com>,
http://www.velocityreviews.com/forums/(E-Mail Removed) <(E-Mail Removed)> wrote:
>Im trying to let ping pass from one interface to another, with
>nat-control disabled.


>I created ACLs like these
>access-list OUTSIDE line 1 extended permit icmp host <host A> host <pix interface>


That looks like a 7.x configuration. It helps if you state
which PIX version you are running.

What exactly are you trying to ping? If you are trying to
ping an interface on the PIX itself which is not the "closest"
interface, then you cannot do that in 6.x; I don't know about 7.x.

If you are trying to ping a host "beyond" a PIX interface,
with the intention that you address the packets to the PIX
interface IP and that it would forward the packets to
an inside host, then you cannot do that in 6.x because 6.x
has no way of configuring icmp forwarding for the interface IP.
I don't know if 7.x does.

If you are trying to ping a host "beyond" a PIX interface
and that host is to be addressed by its internal IP
(as you mentioned nat having been disabled) then the
target IP you would want in the access-list would be the
internal IP of the target.
 
Reply With Quote
 
 
 
 
NETADMIN
Guest
Posts: n/a
 
      04-02-2006
What exactly you are trying to ask?
And give us full description which PIX IOS are you using with Model.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I do ping others and viceversa but, cannot ping myself jorgeantibes Wireless Networking 0 05-15-2009 11:37 AM
VRRP : I am unable to ping the virtual address, I can only ping thebackup addresses. ATM Cisco 2 11-13-2008 09:50 PM
Can Ping Switch but Can't Ping Rtr (behind it) Bob Simon Cisco 8 01-19-2005 05:31 PM
ping ping Why gruffydd Computer Support 3 12-29-2004 05:09 PM
Can not ping myself, but can ping others =?Utf-8?B?V0pQQw==?= Wireless Networking 6 12-26-2004 05:56 AM



Advertisments