forgot to add the list...
> -----Original Message-----
> From: Hiemstra, Brenno
> Sent: maandag 15 oktober 2001 10:20
> To: 'Johnston Mark'
> Subject: RE: PIX and ICMP
>
> you have to build return echo reply rule, because ICMP changes
> echo request to echo reply.
>
> Maybe that is the reason for the block because the fw first received
> a echo request and now get a echo reply in return...
>
> regards,
>
> Brenno
>
> -----Original Message-----
> From: Johnston Mark [SMTP:[EMAIL PROTECTED]]
> Sent: maandag 15 oktober 2001 9:37
> To: [EMAIL PROTECTED]
> Subject: PIX and ICMP
>
> Hi all,
>
> I have a pix and would like to allow icmp echo request and reply to some
> of our servers in the dmz for a monitorig system that I have set up. The
> lan is private as well as the dmz and I have used NAT + GLOBAL to allow
> connections into the DMZ.
>
> I notice that the PIX doesn't handle ICMP statefully .... the request goes
> to the server but the pix is blocking the reply ... am I missing something
> or do I have to write ACL's for the return packets ?
>
> Thanks
> Mark
>
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
