Hi team, I have host with IP: 10.1.1.5/24 and on the pix I create static NAT as 200.200.200.239/24. I permit all icmp packet
Can anyone explain why from my host itself, I can't ping to 200.200.200.239..? Anyone from 10.1.1.0 can ping, and from host can ping to 200.200.200.239 as well except it's own public IP address from static NAT. thanks Grad PIX Version 6.0(1) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list acl_in permit icmp any any access-list acl_out permit icmp any any access-list ipsec permit ip 10.0.0.0 255.0.0.0 10.243.60.0 255.255.255.0 access-list nonat permit ip 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0 access-list 101 permit ip 10.0.0.0 255.0.0.0 10.0.0.0 255.0.0.0 interface ethernet0 auto interface ethernet1 auto ip address outside 200.200.200.1 255.255.255.0 ip address inside 10.1.1.1 255.255.255.0 ip local pool POOL 10.1.1.240-10.1.1.254 global (outside) 1 200.200.200.240-202.95.84.253 global (outside) 1 200.200.200.254 nat (inside) 0 access-list 101 nat (inside) 1 10.0.0.0 255.0.0.0 0 0 static (inside,outside) 200.200.200.239 10.1.1.5 netmask 255.255.255.255 0 0 access-group acl_out in interface outside access-group acl_in in interface inside route outside 0.0.0.0 0.0.0.0 200.200.200.2 1 route inside 10.0.0.0 255.0.0.0 10.1.1.2 1 _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34429&t=34429 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]