RE: PIX Help

Thu, 09 Nov 2000 14:21:14 -0800 

Also check your "outbound" statements. The default is to allow all traffic
from inside. It can be configured to deny all traffic as follows:
outbound   1 deny 0.0.0.0 0.0.0.0 1-65535 udp
outbound   1 deny 0.0.0.0 0.0.0.0 1-65535 tcp
Then permit statements open up only the desired flows. If your config is
similar then make sure that your host is allowed to reply.

> -----Original Message-----
> From: Austin [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 09, 2000 2:55 PM
> To: [EMAIL PROTECTED]
> Subject: Re: PIX Help
> 
> 
> Not working .. it is translated ...
> 
> ""Plambeck, Todd"" <[EMAIL PROTECTED]> wrote in message
> 616662531243D411887000805F65999503C341@HTSCORPPDC">news:616662531243D411887000805F65999503C341@HTSCORPPDC...
> > Make sure the translation is in the xlate table ( sh xlate 
> ). If not ping
> > out from the inside host then check it again.
> >
> > Todd
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Austin
> > Sent: 
> Thursday, November 09, 2000 12:50 PM
> > To: [EMAIL PROTECTED]
> > Subject: PIX Help
> >
> >
> > I am using a static mapping on the pix for an inside 
> illegal address to an
> > outside legal address.
> > I want to allow the inside machine to be pinged from the 
> outside as well
> as
> > allow http traffic to that machine.
> > Lets say the inside address is 10.1.1.5 and the internet 
> legal address is
> > 45.33.20.5
> > This is what I did:
> >
> > static (inside, outside) 45.33.20.5 10.1.1.5
> > conduit permit icmp host 45.33.20.5 any
> > conduit permit tcp host 45.33.20.5 eq www any
> >
> > I cannot ping the inside machine from the internet with this config.
> > Please help.
> >
> > Thanks.
> >
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to 
> [EMAIL PROTECTED]
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to 
> [EMAIL PROTECTED]
> >
> 
> 
> _________________________________
> FAQ, list archives, and subscription info: 
> http://www.groupstudy.com/list/cisco.html
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]
> 

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to