ICMP and Exchange

I added these line into a PIX 515 to prevent it from responding to pings initiated on the outside.  That has worked, but in the process I have prevented one of our other sites from accessing Exchange.  This site connects over a VPN connection to ours.   Once I took the lines out, mail worked fine again for them.  Are there other ICMP types I would need to add for Exchange, or is there a way I can allow all ICMP from that remote site through?

access-list inbound-traffic permit icmp any any unreachable
access-list inbound-traffic permit icmp any any echo-reply
access-list inbound-traffic permit icmp any any time-exceeded
icmp deny any outside
leerlpAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
You can easily allow icmp from select hosts..

access-list inbound-traffic permit icmp host a.b.c.d any
access-list inbound-traffic permit icmp <subnet> <mask> any

I'm not sure why that one site refuses to "play" with Exchange without icmp, but I'm not an Exchange expert by any means...
0
 
leerlpAuthor Commented:
It looks like that took care of it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.