asked on 3/23/2004

Forward ICMP to internal server PIX

Ok I have been getting denied respones from other mail servers because they can not reslove my mail servers IP. I set up a ptr with my ISP, but my pix box will not let the request go though to the internal mail server. I have set up access-list outsode_in permit icmp any any but only the outside interface on the unit will respond. I have found a link saying I can use a permit icmp any host xxx.xxx.xxx.xxx and that will forward the icmp request but it doesn't seem to work. Any thoughts?

Software Firewalls Cisco

Last Comment

klause2

3/23/2004

ASKER CERTIFIED SOLUTION

hawgpig

3/23/2004

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

SOLUTION

Les Moore

3/23/2004

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

klause2

3/23/2004

ASKER

Ok I have that set up but I still can't ping the address. Here is what I have
no fixup protocol smtp 25
access-list outside_in permit tcp any host 200.200.200.200 eq pop3
access-list outside_in permit tcp any host 200.200.200.200 eq smtp
access-list outside_in permit tcp any host 200.200.200.200 eq 81
access-list outside_in permit icmp any any
static (inside,outside) 200.200.200.200 204.63.168.112 netmask 255.255.255.255 0 0
access-group outside_in in interface outside

Now I have a router at 200.200.200.201 and my pix is set to 200.200.200.202 but I seem to only be able to ping 200.200.200.201. Maybe I need to fix a setting on my router?

(obviously the IP's have been changed)

klause2

3/23/2004

ASKER

Never mind I'm an idiot. It works I just have to ping it fro outside my network. I'm dumb. Thanks for the help.