Hi,
can this be done. I have cisco pix 515e and would like to ping internal hosts for monitoring purposes. i have no trouble pinging the outside real IP. just don't know how to accomplish pinging the inside IP. i would like to ping my mail server inside for monitoring purposes. i would like to restrict ping from a certain host. the mail server inside is 192.168.100.50 inside hosts have no problems pinging outside.
any help will be appreciated!
ip address outside x.x.x.111 255.255.255.240 ip address inside 192.168.100.1 255.255.255.0
access-list 100 permit icmp any any echo-reply access-list 100 permit icmp any any time-exceeded access-list 100 permit icmp any any access-list 100 permit tcp any host x.x.x.112 eq www access-list 100 permit tcp any host x.x.x.112 eq 25 access-list 100 permit tcp any host x.x.x.112 eq 1001 access-list 100 permit tcp any host x.x.x.112 eq 1002 access-group 100 in interface outside
static (inside,outside) tcp x.x.x.112 1001 192.168.100.48 8080 netmask
255.255.255.255 0 0 static (inside,outside) tcp x.x.x.112 1002 192.168.100.49 8080 netmask 255.255.255.255 0 0 static (inside,outside) tcp x.x.x.112 www 192.168.100.50 www netmask 255.255.255.255 0 0 static (inside,outside) tcp x.x.x.112 25 192.168.100.50 25 netmask 255.255.255.255 0 0