I suspect the access-list, the intranet ip is 192.168.1.0/24 , but you had given
permission for 192.168.0.0/24 network.
access-list 120 permit icmp any 192.168.0.0
255.255.255.0 echo-reply---so this will allow icmp traffic from any to 192.168.0.0/24
and not to intranet.so try changing that
Thanks for your hint Mohamed, but I think there is a misunderstanding.
Outbound ping works. It reaches the Intranet because of the nat and global commands.
I only added the ICMP lines to show, that the acls kind of work.
But they do not work with tcp and udp.
So I guess the problem are not the
Well i think i has to do with you static line. your
global address is 192.168.0.253, so your connections
should be hitting that address, which the pix will
xlate to 192.168.1.1.
In your examples you are not sending icmp, you are
sending udp, and you are pointing it to 192.168.1.1.
So ether