Re: PIX to PIX: new subnet cannot ping to other side
- From: AM <am@xxxxx>
- Date: Thu, 29 Jun 2006 16:08:01 GMT
RLM wrote:
Hi Guys,
http://www.xs4all.nl/~dbolderm/Tekening1.jpg
I have 2 PIX's inplace. One end is a 192.168.1.x and 192.168.2.x
network, the other end is a 192.168.3.x network.
Ping/Acess to/from both sides is ok.
Now I've installed an ISA2004 on the 192.168.1.x network. This server
has a NIC with a 192.168.4.0 network. From this network I am unable to
ping the 192.168.3.0 network. I think the problem is in the PIX setup,
but I am pretty sure I created the correct access lists, allowed ICMP,
etc.
Logging on the pix shows ICMP request, but no replies.
Even if you lost all the links in your picture, I can tell you you need to specify on both the interface which ICMP traffic is permitted. So don't treat ICP like udp or TCP, thinking to specified rules only on one side.
HTH
Alex.
.
- Follow-Ups:
- References:
- Prev by Date: Re: WIC-1AM - auto answer question
- Next by Date: Routing between VPN road warrior clients
- Previous by thread: PIX to PIX: new subnet cannot ping to other side
- Next by thread: Re: PIX to PIX: new subnet cannot ping to other side
- Index(es):
Relevant Pages
|
