It should work with
conduit permit icmp any any 0
That would allow the ping to return home, but should not allow ping requests
from outside unless you have another "hole" somewhere else.
Hth,
Ole
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ole Drews Jensen
Systems Network Manager
CCNP, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.RouterChief.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Need a Job?
http://www.OleDrews.com/job
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----Original Message-----
From: x [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 19, 2002 6:46 AM
To: [EMAIL PROTECTED]
Subject: PIX 5.3 and icmp [7:41941]
I want my internal users to be able to ping out, but I
don't want anyone from the internet to ping my network
or get any response at all. The best I have gotten to
work so far is...
conduit permit icmp any any echo-reply
This lets machines on the internet ping us and we can
ping outside.
There are some icmp commands, but I wasn't able to get
the desired result. Any ideas?
__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41943&t=41941
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
