I was under the impression that on a PIX515 by default, traffic from a higher security interface (inside, 100) would pass to a lower security interface (dmz, 10). However, I can not ping hosts from inside to dmz. Is that because the returning "pong" packets can't get through? If so, how should I configure this?
Thanks, Peter.
Nevermind on this, I figured it out. I can ping hosts now, but I still can't ping the IP of the dmz interface, is that normal?
You need to create an access-list and apply it to the dmz interface to allow echo reply
EX: access-list 10 permit icmp any any echo reply
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.