Can not access internet through PIX 506

Posted on 2005-03-29
Medium Priority
Last Modified: 2008-01-09
I can see the Pix but can not get through it. I can not ping trace outside port either.  
Question by:riverraid
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 13659528
Your current configuration and some more details bout what you like to do would help in solving your issue.

Expert Comment

ID: 13660579
Have you got the outside interface set up and configured?  Once set up traffic going outbound i.e. higher level security to lower level security is permitted unless you have set up access lists or filtering.

LVL 79

Accepted Solution

lrmoore earned 1000 total points
ID: 13662081
>I can not ping trace outside port either
You never will be able to from the inside. By design.

You can't ping anything through the PIX unless you explicitly permit icmp with an access-list
   access-list icmp permit any any
   access-group icmp in interface outside

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments


Expert Comment

ID: 13664114
lrmoore is correct in that you will never be able to ping or connect to the outside interface from an inside LAN.  By design.  However this should not stop you from pinging an outside server from an inside server if you have not applied any access lists to it.

The PIX is setup so that after you have ran the initial config, and configured the IP addresses and such, that you should be able to surf the internet from the inside already.

Make sure that the router you have in front of the PIX is set to forward traffic for your internal network to the PIX, and make sure either your PIX or Router is performing NAT.

Expert Comment

ID: 13667252
If your router have a different IP address to your PIX, try ping the router from your internal network.
Then try it from the PIX, try ping the router.

If you can't even do that, check your firewall configuration.

By default, (just recently) the external interface is shutdown out of the box.

Please confirm in the config you have
interface ethernet0 auto shutdown

All you need to do is type in
interface ethernet0 10baset

Good Luck,

LVL 79

Expert Comment

ID: 13703265
How's it going?  Do you need more information?
Can you close this question?


Thanks for attending to this open question.


Author Comment

ID: 13764637
i have been out of town and a friend of mine was taking a look at it.  as soon as i talk to him about the progress i will let you know where i am at.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question