Re: can't ping the internet through pix

Fri, 23 Mar 2001 09:44:52 -0800 

DO you have statics for these hosts you are pinging
from or a blanket global (outside) ?   Your internal
hosts will need to be translated to routable IPs. 
That is unless youa re using NAT 0 and have a Internet
routable IP assigned to all your internal hosts.  In
which case you'll need a staic (inside, outside)
mapping your IPs to them selves (this can be done with
a mapping of a network range to itself, inplace of /32
mappings per host.)

Hope that helps.

--- Brent Ulfig <[EMAIL PROTECTED]> wrote:
> I've got an unusual problem with my PIX 515.
> 
> I've configured the inside interface correctly, and
> can ping hosts on the
> internal network.  I've configured the outside
> interface correctly (as far
> as ip addresses go) and can ping anywhere on the
> internet.
> 
> I've configured the router (to the internet) as the
> default route of the
> pix...and the pix as the default gateway of the
> hosts on the internal
> network.
> 
> I've also used the  conduit permit icmp any any
> command so that i can ping in and out of the
> firewall...
> 
> When I try to ping anywhere on the internet from the
> firewall it
> works...also when i try to ping the internal network
> it works...
> 
> When i try to ping the pix from a host it
> works...when i try to ping the
> router (to the internet) from a host it
> works...(meaning it goes through the
> pix to the router fine)
> 
> however, when i try to ping anywhere on the internet
> (including the next hop
> from the router) it doesn't work...i can't get
> passed the router...it just
> dead ends there...
> 
> i checked to make sure that the subnet mask on the
> pix is right...and its
> fine...
> 
> any ideas?
> 
> 
> Thanks,
> 
> Brent
> CCNP, CCDA, MCSE, MCP+I, etc.
> 
> 
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


=====
_____________________________________________
Moe Tavakoli

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to