Is icmp deny comand used? Do show icmp to see You may need to use icmp permit. See manual for full syntax
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Elijah Savage III Sent: Sunday, October 13, 2002 10:37 AM To: [EMAIL PROTECTED] Subject: RE: Ping and traceroute throught pix [7:55470] This did not work for me could there be something wrong with my pix? -----Original Message----- From: Silju Pillai [mailto:[EMAIL PROTECTED]] Sent: Sunday, October 13, 2002 8:35 AM To: [EMAIL PROTECTED] Subject: RE: Ping and traceroute throught pix [7:55470] just give the following commands... access-list acl-in permit icmp any any access-list acl-out permit icmp any any access-group acl-in in interface inside access-group acl-out in interface outside I gave two access-lists to distinguish between inside and outside traffic. This will allow ping and traceroute in both directions. But remember PIX interfaces will not showup in the traceroute. Hope this helps regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55493&t=55470 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
