Can't say I can suggest anything without more config, but what do you mean
by the strange route?
The route is for the directly connected subnet on your outside interface.
Give us a peek at some more of config.
Gareth
""Gary Crouch"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have just finish upgrade our pix 520 from version 4.4 to 5.3(1)
> I am unable to ping the outside interface's ip address or anything outside
=
> the fire wall
> from a pc attached to the inside interface
>
> I have tried=20
> conduit permit icmp any any=20
> and using an access-list to permit icmp any any and bound it to the out =
> side interface with access-group
>
> also there is a strange route being added the is not in the sub net=20
> when I type no route outside 63.90.153.64 255.255.255.224 63.90.153.66 1 =
> CONNECT static=20
> it replie route already exist
>
> outside address 63.90.153.66 225.255.255.224
> sh route out put below
> outside 63.90.153.64 255.255.255.224 63.90.153.66 1 CONNECT static
> inside 192.168.27.0 255.255.255.0 192.168.27.1 1 CONNECT static
>
> thanks for any help=20
> I am configure this to be a replacement for the current box that will =
> become the failover firewall
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
> <META content="MSHTML 5.50.4611.1300" name=GENERATOR></HEAD>
> <BODY style="MARGIN-TOP: 2px; FONT: 8pt Tahoma; MARGIN-LEFT: 2px">
> <DIV><FONT size=1>I have just finish upgrade our pix 520 from version 4.4
to
> 5.3(1)</FONT></DIV>
> <DIV><FONT size=1>I am unable to ping the outside interface's ip address
or
> anything outside the fire wall</FONT></DIV>
> <DIV><FONT size=1>from a pc attached to the inside interface</FONT></DIV>
> <DIV><FONT size=1></FONT> </DIV>
> <DIV><FONT size=1>I have tried </FONT></DIV>
> <DIV><FONT size=1>conduit permit icmp any any </FONT></DIV>
> <DIV><FONT size=1>and using an access-list to permit icmp any any and
bound it
> to the out side interface with access-group</FONT></DIV>
> <DIV><FONT size=1></FONT> </DIV>
> <DIV><FONT size=1>also there is a strange route being added the is not in
the
> sub net </FONT></DIV>
> <DIV><FONT size=1>when I type no route outside 63.90.153.64
255.255.255.224
> 63.90.153.66 1 CONNECT static </FONT></DIV>
> <DIV><FONT size=1>it replie route already exist</FONT></DIV>
> <DIV><FONT size=1></FONT> </DIV>
> <DIV><FONT size=1>outside address 63.90.153.66
225.255.255.224</FONT></DIV>
> <DIV><FONT size=1>sh route out put below</FONT></DIV>
> <DIV>outside 63.90.153.64 255.255.255.224 63.90.153.66 1 CONNECT
> static<BR>inside 192.168.27.0 255.255.255.0 192.168.27.1 1 CONNECT
static</DIV>
> <DIV> </DIV>
> <DIV>thanks for any help </DIV>
> <DIV>I am configure this to be a replacement for the current box that will
> become the failover firewall</DIV>
> <DIV><FONT size=1></FONT> </DIV>
> <DIV><FONT size=1></FONT> </DIV></BODY></HTML>
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
