Hello - can anyone spot the problem with my PIX config? I have a PC on the inside interface and I can PING it OK from the Internet. I also have a machine on the DMZ but cannot get response to PINGs. The NATting appears OK. Maybe someone already solved this one before - here's hoping anyway. TIA,Ned
Sucessful PING to Good-PC
1216: Outbound ICMP echo reply (len 32 id 1973 seq 19969) Good-PC > 123.1.1.111 > 10.10.200.111 1217: Inbound ICMP echo request (len 32 id 1973 seq 20225) 10.10.10.1static (inside,outside) 123.1.1.111 Good-PC netmask 255.255.255.255 0 0
******************** Failed PING to BAD_PC1224: Inbound ICMP echo request (len 32 id 45975 seq 21249) 10.10.10.1
static (DMZ,outside) 123.1.1.120 BAD_PC netmask 255.255.255.255 0 0
access-list DMZ_inside permit tcp any any (hitcnt=0) access-list DMZ_inside permit icmp any any (hitcnt=0) access-list DMZ_inside permit ip any any (hitcnt=0) access-list DMZ_inside permit tcp any object-group DMZ_Network eq www
access-list inside-out permit ip any any access-list outside-in permit icmp any any (hitcnt=984)
************************* access-group outside-in in interface outside access-group inside-out in interface inside access-group DMZ_inside in interface DMZ *********************************ip address outside 123.1.1.1 255.255.255.0 ip address inside 172.1.0.25 255.255.0.0 ip address DMZ 192.168.1.1 255.255.255.0
******************************