I can't ping from my DMZ to my Inside Computers. I can ping my DMZ computers from the inside though. Here is a copy of my config. Someone please help.
PIX Version 6.1(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security10
enable password WIWDR7hWs0b/LYxW encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname Pixfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
fixup protocol domain 53
names
access-list dmz permit ip any any
pager lines 24
pager lines 24
logging on
logging host inside 10.1.0.7
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
mtu outside 1500
mtu inside 1500
mtu dmz 1500
ip address outside ccc.ccc.ccc.2 255.255.255.0
ip address inside bbb.bbb.bbb.1 255.255.255.0
ip address dmz aaa.aaa.aaa.17 255.255.255.240
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 ccc.ccc.ccc.12-ccc.ccc.ccc.254
global (dmz) 1 aaa.aaa.aaa.17-aaa.aaa.aaa.30 netmask 255.255.255.240
nat (inside) 1 bbb.bbb.bbb.0 255.255.255.0 0 0
nat (dmz) 1 aaa.aaa.aaa.0 255.255.255.0 0 0
static (dmz,outside) ccc.ccc.ccc.11 bbb.bbb.bbb.20 netmask 255.255.255.255 0 0
static (dmz,outside) ccc.ccc.ccc.5 bbb.bbb.bbb.19 netmask 255.255.255.255 0 0
static (inside,outside) ccc.ccc.ccc.3 bbb.bbb.bbb.3 netmask 255.255.255.255 0 0
static (inside,dmz) bbb.bbb.bbb.0 bbb.bbb.bbb.0 netmask 255.255.255.255 0 0
access-group dmz in interface dmz
access-group dmz in interface outside
conduit permit tcp host ccc.ccc.ccc.5 eq smtp any
route outside 0.0.0.0 0.0.0.0 ccc.ccc.ccc.1 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
crypto map mymap 30 ipsec-isakmp
telnet timeout 5
ssh timeout 5
terminal width 80
Thanks Chris
PIX Version 6.1(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security10
enable password WIWDR7hWs0b/LYxW encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname Pixfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
fixup protocol domain 53
names
access-list dmz permit ip any any
pager lines 24
pager lines 24
logging on
logging host inside 10.1.0.7
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
mtu outside 1500
mtu inside 1500
mtu dmz 1500
ip address outside ccc.ccc.ccc.2 255.255.255.0
ip address inside bbb.bbb.bbb.1 255.255.255.0
ip address dmz aaa.aaa.aaa.17 255.255.255.240
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 ccc.ccc.ccc.12-ccc.ccc.ccc.254
global (dmz) 1 aaa.aaa.aaa.17-aaa.aaa.aaa.30 netmask 255.255.255.240
nat (inside) 1 bbb.bbb.bbb.0 255.255.255.0 0 0
nat (dmz) 1 aaa.aaa.aaa.0 255.255.255.0 0 0
static (dmz,outside) ccc.ccc.ccc.11 bbb.bbb.bbb.20 netmask 255.255.255.255 0 0
static (dmz,outside) ccc.ccc.ccc.5 bbb.bbb.bbb.19 netmask 255.255.255.255 0 0
static (inside,outside) ccc.ccc.ccc.3 bbb.bbb.bbb.3 netmask 255.255.255.255 0 0
static (inside,dmz) bbb.bbb.bbb.0 bbb.bbb.bbb.0 netmask 255.255.255.255 0 0
access-group dmz in interface dmz
access-group dmz in interface outside
conduit permit tcp host ccc.ccc.ccc.5 eq smtp any
route outside 0.0.0.0 0.0.0.0 ccc.ccc.ccc.1 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
crypto map mymap 30 ipsec-isakmp
telnet timeout 5
ssh timeout 5
terminal width 80
Thanks Chris