How do I make sure my host is allowed to reply?
Is there a config that I need to put on the PIX?
I do want all traffic from the inside going out.
Thanks.
"Daniel Cotts" <[EMAIL PROTECTED]> wrote in message
303479FA060CD211B8930000F805A88AA10C61@EXCHANGE1">news:303479FA060CD211B8930000F805A88AA10C61@EXCHANGE1...
> Also check your "outbound" statements. The default is to allow all traffic
> from inside. It can be configured to deny all traffic as follows:
> outbound 1 deny 0.0.0.0 0.0.0.0 1-65535 udp
> outbound 1 deny 0.0.0.0 0.0.0.0 1-65535 tcp
> Then permit statements open up only the desired flows. If your config is
> similar then make sure that your host is allowed to reply.
>
> > -----Original Message-----
> > From: Austin [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, November 09, 2000 2:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: PIX Help
> >
> >
> > Not working .. it is translated ...
> >
> > ""Plambeck, Todd"" <[EMAIL PROTECTED]> wrote in message
> > 616662531243D411887000805F65999503C341@HTSCORPPDC">news:616662531243D411887000805F65999503C341@HTSCORPPDC...
> > > Make sure the translation is in the xlate table ( sh xlate
> > ). If not ping
> > > out from the inside host then check it again.
> > >
> > > Todd
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > > Austin
> > > Sent:
> > Thursday, November 09, 2000 12:50 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: PIX Help
> > >
> > >
> > > I am using a static mapping on the pix for an inside
> > illegal address to an
> > > outside legal address.
> > > I want to allow the inside machine to be pinged from the
> > outside as well
> > as
> > > allow http traffic to that machine.
> > > Lets say the inside address is 10.1.1.5 and the internet
> > legal address is
> > > 45.33.20.5
> > > This is what I did:
> > >
> > > static (inside, outside) 45.33.20.5 10.1.1.5
> > > conduit permit icmp host 45.33.20.5 any
> > > conduit permit tcp host 45.33.20.5 eq www any
> > >
> > > I cannot ping the inside machine from the internet with this config.
> > > Please help.
> > >
> > > Thanks.
> > >
> > >
> > > _________________________________
> > > FAQ, list archives, and subscription info:
> > > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> > >
> > > _________________________________
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> > >
> >
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct
> > and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
