Help needed with a Cisco Pix 520

just so I understand this correctly. You have a switch on the inside network which you are trying to ping from the switch through the inside interface to the outside interface?

If that is the case then you need to set up a nat/pat.

Good Luck,

I wasn't able to figure out -what- James is trying to do, but if your analysis of his goal is correct, then setting up nat/pat would

*not* work on the 520. The 520 is limited to PIX 6.x, and in PIX 6.x is not allowed to start a packet from inside, have it go out and be routed back to the PIX for termination on the inside.

You are absolutely right.... my bad for over looking that. I had simular issues with trying to figure out what he needed. I took a stab n the dark.

,

Hi guys,

Here is my setup:

I have a 2620, with a NM-4E, as my VLAN trunking router-with two switches; a directly connected 2924 and a trunked 2912 to the '24. Then, one of the 10Mb ports of the NM-4E connects to the INSIDE of the Pix 520. The Outside port of the Pix 520 connects to one of the Ethernet ports on the 2611. (The 2924 connects to the 100/10 FastEthernet Port of the 2620)

As said before, I can ping all loopbacks on my network routers and the VLAN 1 IP's for the two switches-from the PIX command line itself. I can ping to the INSIDE port of the Pix from my 2620, the two switches, and the 2610 which hangs off of the 2620's WIC-2T card. The 2611 can ping the OUTSIDE port of thee PIX.

But, if I try to ping the LO of the 2611 from say the 2620, or the 2912 switch, I cannot.

I hope this cleared things up.

access-list ping_acl permit icmp any any

access-group ping_acl in interface outside

Hope this will clear if you try once..

Situation resolved with conduit and NAT/PAT.

James