I have a new PIX 525. I'm trying to upgrade the IOS, and can't even ping to get to the PC/TFTP Server. It's driving me nuts. I can upgrade it via Monitor Mode, no problem. But I'm trying to upgrade via "copy tftp flash" command, which won't work if I can't even ping.
I'm not even trying to go out. Just trying to ping the inside interface from the inside. I've got my PC directly connected to the Inside Interface.
Also, this is a Secondary PIX, not the primary. That shouldn't matter should it?
I tried both methods, using ACL and Conduit/icmp permit, both don't work.
Any suggestions would be grateful. ======================================= PC/TFTP Server (directly connected to PIX Inside interface)
10.107.16.116 255.255.255.0 GW 10.107.16.1 ======================================= PIX config I entered: nameif e1 inside sec100 int e1 auto ip addr inside 10.107.16.118 255.255.255.0 route inside 0 0 10.107.16.116 icmp permit 10.107.16.116 inside conduit permit icmp any any echo-reply PIX Config is below: ======================================= : Written by enable_15 at 10:18:57.897 UTC Fri Jan 12 2007 PIX Version 6.3(1) interface ethernet0 auto shutdown interface ethernet1 auto interface gb-ethernet0 1000auto shutdown interface gb-ethernet1 1000auto shutdown interface ethernet2 auto shutdown interface ethernet3 auto shutdown interface ethernet4 auto shutdown interface ethernet5 auto shutdown nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif gb-ethernet0 intf2 security4 nameif gb-ethernet1 intf3 security6 nameif ethernet2 intf4 security8 nameif ethernet3 intf5 security10 nameif ethernet4 intf6 security12 nameif ethernet5 intf7 security14 enable password xxxxxxxxxxxxxxxxx passwd xxxxxxxxxxxxxx encrypted hostname PIX525A domain-name xxx fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 icmp permit 10.107.16.116 inside mtu outside 1500 mtu inside 1500 mtu intf2 1500 mtu intf3 1500 mtu intf4 1500 mtu intf5 1500 mtu intf6 1500 mtu intf7 1500 no ip address outside ip address inside 10.107.16.118 255.255.255.0 no ip address intf2 no ip address intf3 no ip address intf4 no ip address intf5 no ip address intf6 no ip address intf7 ip audit info action alarm ip audit attack action alarm no failover failover timeout 0:00:00 failover poll 15 no failover ip address outside no failover ip address inside no failover ip address intf2 no failover ip address intf3 no failover ip address intf4 no failover ip address intf5 no failover ip address intf6 no failover ip address intf7 pdm history enable arp timeout 14400 conduit permit icmp any any echo-reply timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local no snmp-server location no snmp-server contact snmp-server community nonpublic no snmp-server enable traps floodguard enable telnet timeout 5 ssh timeout 5 console timeout 0 terminal width 80 Cryptochecksum:xxxxxxxxxxxxxxxxxx =============================== Thanks to All in advance