paulmmalone
asked on
Easy VPN question
If I am trying to connect via VPN.
From my home computer I should be able the ping the public IP address of my office right?
From my home computer I should be able the ping the public IP address of my office right?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Most firewalls will have access to "ping" returned packets turned off. This is to stop icmp attacks (consuming firewalls processing to force them to slow down and fail).
If you would like to enable this on your Office firewall (PIX 501) I believe...you have to issue these commands.
(config)#icmp permit any any (applied to an interface for all icmp)
(config)#icmp permit any outside (this is all the traffic on the interface allowing icmp messages.)
To restict only return packets when ping from home.
(config)#access-list outside->in permit icmp any host xxxxxxxxxxxxxx echo-reply
add this traffic to your access-list for traffic coming in...
If you are using the Cisco client.....turn on the log and see what is happening. This can be verbose if you want....