I did some research and echo-reply is the same as 0. However, I ran into another problem. I couldn't run tracert from my windows machine so I went back to any any until I get a few minutes to figure out how to enable outbound trace routes.
--- Ole Drews Jensen wrote: > It should work with > > conduit permit icmp any any 0 > > That would allow the ping to return home, but should > not allow ping requests > from outside unless you have another "hole" > somewhere else. > > Hth, > > Ole > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Ole Drews Jensen > Systems Network Manager > CCNP, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > http://www.RouterChief.com > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Need a Job? > http://www.OleDrews.com/job > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > -----Original Message----- > From: x [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 19, 2002 6:46 AM > To: [EMAIL PROTECTED] > Subject: PIX 5.3 and icmp [7:41941] > > > I want my internal users to be able to ping out, but > I > don't want anyone from the internet to ping my > network > or get any response at all. The best I have gotten > to > work so far is... > > conduit permit icmp any any echo-reply > > This lets machines on the internet ping us and we > can > ping outside. > > There are some icmp commands, but I wasn't able to > get > the desired result. Any ideas? > > __________________________________________________ > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax > http://taxes.yahoo.com/ [EMAIL PROTECTED] __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42982&t=41941 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]