Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: enable traceroute from inside thru pix

enable traceroute from inside thru pix 12 years 6 months ago #13294

  • massoo
  • massoo's Avatar Topic Author
  • Visitor
  • Visitor
hi,

how to enable traceroute from any system inside ie, ALL my LAN to any host outside through pix 515e.

thanks
shann

Re: enable traceroute from inside thru pix 12 years 6 months ago #13295

normally, anything leaving a pix can get back in, but for Ping/Trace responses add the following -adapt for your setup.

access-list OUTSIDE_INBOUND_ACL line 1 remark Permit ICMP Responses
access-list OUTSIDE_INBOUND_ACL line 2 permit icmp any interface outside unreachable
access-list OUTSIDE_INBOUND_ACL line 3 permit icmp any interface outside time-exceeded
access-list OUTSIDE_INBOUND_ACL line 4 permit icmp any interface outside echo-reply


don't forget to apply the acl to the outside interface if you don't already have an outside acl.
  • Page:
  • 1
Time to create page: 0.116 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup