ICMP stopped working after adding ACL ???

ndog4ever · Jan 12, 2004

i have a Cisco Pix with 6.3(3)and having problems with ICMP being permited on the network. I cannot inside hosts from the Pix firewall or outside hosts. If anyone has any suggestions please let me know, i think i have just looked at this too long and missing something simple.

Here are my access-lists

access-list acl_inside line 1 permit icmp any any unreachable (hitcnt=0)
access-list acl_inside line 2 permit icmp any any echo-reply (hitcnt=0)
access-list acl_inside line 3 permit icmp any any echo (hitcnt=8)
access-list acl_inside line 4 deny tcp any any eq 6667 (hitcnt=102781)
access-list acl_inside line 5 deny udp any any eq 8998 (hitcnt=0)
access-list acl_inside line 6 deny udp any any eq 6667 (hitcnt=0)
access-list acl_inside line 7 deny udp any any eq 139 (hitcnt=0)
access-list acl_inside line 8 deny tcp any any eq 445 (hitcnt=15)
access-list acl_inside line 9 deny tcp any any eq 593 (hitcnt=0)
access-list acl_inside line 10 deny tcp any any eq 4444 (hitcnt=0)
access-list acl_inside line 11 deny tcp any any eq 138 (hitcnt=0)
access-list acl_inside line 12 deny udp any any eq netbios-dgm (hitcnt=0)
access-list acl_inside line 13 deny tcp any any eq netbios-ssn (hitcnt=6)
access-list acl_inside line 14 deny udp any any eq tftp (hitcnt=0)
access-list acl_inside line 15 deny tcp any any eq 135 (hitcnt=0)
access-list acl_inside line 16 deny udp any any eq 135 (hitcnt=0)
access-list acl_inside line 17 deny tcp any any eq 137 (hitcnt=0)
access-list acl_inside line 18 deny udp any any eq netbios-ns (hitcnt=15)
access-list acl_inside line 19 permit ip any any (hitcnt=164875)
access-list acl_outside; 12 elements
access-list acl_outside line 1 permit icmp any any unreachable (hitcnt=0)
access-list acl_outside line 2 permit icmp any any time-exceeded (hitcnt=0)
access-list acl_outside line 3 permit icmp any any echo-reply (hitcnt=0)
access-list acl_outside line 4 permit icmp any any echo (hitcnt=0)
access-list acl_outside line 5 deny udp any any eq 99 (hitcnt=0)
access-list acl_outside line 6 deny udp any any eq 1434 (hitcnt=0)
access-list acl_outside line 7 deny tcp any any eq 6667 (hitcnt=0)
access-list acl_outside line 8 deny udp any any eq 6667 (hitcnt=0)
access-list acl_outside line 9 deny tcp any any eq 445 (hitcnt=0)
access-list acl_outside line 10 deny tcp any any eq 4444 (hitcnt=0)
access-list acl_outside line 11 deny tcp any any eq 593 (hitcnt=0)
access-list acl_outside line 12 permit ip any any (hitcnt=11223)

And here is my access-group statements

access-group acl_outside in interface outside
access-group acl_inside in interface inside

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

ICMP stopped working after adding ACL ???

ndog4ever

MIS

Similar threads

Part and Inventory Search

Sponsor