Hello,
I am trying to write up a configuration to test PIX firewalls. I have a pix 515 which I have networked into a hub with two other computers. I am trying to display it's ability to refuse connections. I can ping it from one machine and I can ping the machine from it.. I put in the access-list:
access-list all deny ICMP any any
but I can still ping the machine from the firewall and I can still ping the firewall from the machine. Shouldn't pings not be responded to with that rule? and If I have this wrong, what can I use to prove the firewall has the ability to refuse certain connections? I have linux redhat 9.0 on one machine and win NT server on the other.
any help would is appreciated
thanks
-Randy
I am trying to write up a configuration to test PIX firewalls. I have a pix 515 which I have networked into a hub with two other computers. I am trying to display it's ability to refuse connections. I can ping it from one machine and I can ping the machine from it.. I put in the access-list:
access-list all deny ICMP any any
but I can still ping the machine from the firewall and I can still ping the firewall from the machine. Shouldn't pings not be responded to with that rule? and If I have this wrong, what can I use to prove the firewall has the ability to refuse certain connections? I have linux redhat 9.0 on one machine and win NT server on the other.
any help would is appreciated
thanks
-Randy