Hi,
I have problem for pinging outside for my PIXes :
I have a PIX 506E and a PIX515E, and some NATed internet servers inside in each PIX.
I found these internet applications can be pinged when I enable the icmp feature for internet users like following:
accss-list Out_Access_In permit icmp any any access-group Out_Access_In in interface outside
icmp permit any unreachable outside icmp deny any echo-reply outside
But I just want the internal users can ping outside, while I do not want Internet users can ping my Internet servers.
How can I achieve this goal ?
Thank you Benson