No pinging through..

Discussion in 'Cisco' started by Matt, Feb 23, 2005.

  1. Matt

    Matt Guest

    Hi all,

    Can someone look at the config below (PIX506E) and see any reason why:

    From the webserver 192.168.202.3 I can ping the pix @ 192.168.202.248
    From the Pix I can ping the web server no problem.
    From the Pix I can ping any outside address, no problem.
    But from the web server I can not ping through the pix to the outside world?

    Thanks!
    (Outside addresses changed to protect the deranged)

    P.S. If you see anything else wrong with teh config, please let me know!
    :eek:)

    Matt

    Building configuration...
    : Saved
    :
    PIX Version 6.3(3)
    interface ethernet0 auto
    interface ethernet1 auto
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password *********** encrypted
    passwd ************ encrypted
    hostname OURPIX
    domain-name OURDOMAIN.local
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name 192.168.202.3 WebServer
    access-list out_to_in permit tcp any any eq www
    access-list out_to_in permit tcp any any eq smtp
    access-list out_to_in permit icmp any any
    access-list in_to_out permit icmp any any
    pager lines 24
    logging buffered debugging
    mtu outside 1500
    mtu inside 1500
    ip address outside 100.200.250.228 255.255.255.240
    ip address inside 192.168.202.248 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location 192.168.202.248 255.255.255.255 inside
    pdm location WebServer 255.255.255.255 inside
    pdm history enable
    arp timeout 14400
    global (outside) 1 100.200.250.232-100.200.250.238 netmask 255.255.255.240
    global (outside) 1 100.200.250.231 netmask 255.255.255.240
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) 100.200.250.228 WebServer netmask
    255.255.255.255 0 0
    access-group out_to_in in interface outside
    access-group in_to_out in interface inside
    route outside 0.0.0.0 0.0.0.0 100.200.250.225 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    aaa-server LOCAL protocol local
    http server enable
    http WebServer 255.255.255.255 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    terminal width 80
    Cryptochecksum:4a3ccd4663e351f127be0d91e0829b93
    : end
    [OK]
     
    Matt, Feb 23, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. atodd_109

    Router Pinging Devices

    atodd_109, Jul 9, 2003, in forum: Cisco
    Replies:
    1
    Views:
    2,054
    sPiDEr
    Jul 9, 2003
  2. Jerry
    Replies:
    5
    Views:
    807
    Erik Tamminga
    Oct 27, 2003
  3. johnnyboy

    pinging through PIX v6.3?

    johnnyboy, Nov 10, 2003, in forum: Cisco
    Replies:
    4
    Views:
    3,411
    Eric DuMond
    Nov 10, 2003
  4. joeblow
    Replies:
    0
    Views:
    564
    joeblow
    Sep 2, 2004
  5. Anand Mohabir
    Replies:
    1
    Views:
    1,287
    Johnny Routin
    Oct 22, 2004
Loading...

Share This Page