Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: ICMP / Ping

From: "Matt Mullen" <mattmd () flashcom net>
Date: Tue, 29 Aug 2000 18:37:18 -0400
When you ping you send an ICMP echo Packet out and the receiver sends back
an ICMP Reply packet.  For your workstations to ping you need to allow the
ICMP Echo-Reply.  To do this the syntax would be:

conduit permit icmp any any echo-reply

remove the permit icmp any any and the PIX should discard ICMP Echo packets,
thereby preventing remote hosts from pinging.

-----Original Message-----
From: firewall-wizards-admin () nfr net
[mailto:firewall-wizards-admin () nfr net]On Behalf Of Chris
Sent: Tuesday, August 29, 2000 1:54 PM
To: firewall-wizards () nfr net
Subject: [fw-wiz] ICMP / Ping


On a Cisco Pix - how can I configure it that only the
inside network clients can ping to the outside but no
one on the outside can ping my network?

The standard command for both ways is the
conduit permit icmp any any

I am not sure how to do it the way I need it? Is this
recommended at all?

Thanks everyone!

Chris

__________________________________________________
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: