ICMP issue :: Static NAT and Dynamic PAT on PIX

This happened by mistake....

I did a Static NAT 172.16.1.10<=>200.X.X.X
e.g. static (inside,outside) 200.X.X.X ,172.16.1.10

Then the same public IP was used to do a PAT .
nat (inside) 1 0 0
global (outside) 200.X.X.X

Though all the users in my inside network were able to access the internet (www, mails etc.) , expect my static host i.e 172.16.1.10 , none of the hosts were able to ping any machine on the outside network. Except ICMP almost everything was fine ( i'm using almost coz this happened in one of the production networks i was wrking on and due to the exigency, cudn't do much to figure out why and what else was not wrking )

Any clue from anyone why this happened ..??

though i'm myself a CCSP, i cudnt think of any obvsious reason y this wud happen ....anyway any comments/help/suggestion is welcome...

will answer myself after some RnD if i dont get an answer on this forum for sure !!

cheers
long live Velocity reviews !!

 

PIX echo reply

Permit icmp echo reply on the outside interface to receive replies.

By default PIX drops ICMP packets.:shake:

 

ICMP echo reply is allowed dude, and tht is y i'm able to ping frm 172.16.1.10...its not due to ACLs but due to this combination of Static NAT and PAT using single public ip address...cudnt' get the time to replicate the scenario and do some RnD...will for for some free time