Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: enable traceroute from inside thru pix

enable traceroute from inside thru pix 10 years 9 months ago #13294

  • massoo
  • massoo's Avatar
hi,

how to enable traceroute from any system inside ie, ALL my LAN to any host outside through pix 515e.

thanks
shann
The administrator has disabled public write access.

Re: enable traceroute from inside thru pix 10 years 9 months ago #13295

  • d_jabsd
  • d_jabsd's Avatar
  • Offline
  • Distinguished Member
  • Posts: 153
  • Karma: 0
normally, anything leaving a pix can get back in, but for Ping/Trace responses add the following -adapt for your setup.

access-list OUTSIDE_INBOUND_ACL line 1 remark Permit ICMP Responses
access-list OUTSIDE_INBOUND_ACL line 2 permit icmp any interface outside unreachable
access-list OUTSIDE_INBOUND_ACL line 3 permit icmp any interface outside time-exceeded
access-list OUTSIDE_INBOUND_ACL line 4 permit icmp any interface outside echo-reply


don't forget to apply the acl to the outside interface if you don't already have an outside acl.
The administrator has disabled public write access.
Time to create page: 0.075 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup