pinging the inside/outside of a PIX

[arqdennis]

here's the issue. i am setting up a basic 2 interface configuration as seen on the Cisco configuration guide. I can't ping inside/outside from outside/inside. I've tried both NAT and no-NAT versions and same thing. i checked the log and get the following

Deny inbound icmp src outside:192.164.44.57 dst inside:192.168.40.47

but i am using the "conduit permit icmp any any". I am also not using a router on the outside lan. I've gone through the initial configuration several times and not luck.

should that config example work as it is?? any ideas??

thanks,

ARQ.

 

[arqdennis]

forgot it's a pix515 with 4.4(8) software.
ARQ.

 

[yizhar]

HI.

I recommend upgrading to a newer version.
Ver 4.4 is old and missing many features.

Post your test config here and you can get better answers to your problem.

You should also note the "ICMP" command which handles icmp to the pix own interfaces, while conduit handles icmp through the pix.

Can you ping the pix interfaces?

You should also try TCP in addition to ICMP for testing connectivity. Install a simple http/ftp/telnet/whatever service on one side and try to access it from the other side of the pix (in both directions).

You can try pixcript for assistant in generating the basic configuration script:

http://teachers.sivan.co.il/yizhar/files/pixcreen.htm

http://teachers.sivan.co.il/yizhar#pixcript

But remember that some features there are not compatible with ver 4.4 .

Bye


Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

 

[arqdennis]

thanks, we found our problem. had to do with configuration using the route command.

ARQ.