|
Posted by William L. Sun on March 14, 2005, 11:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
On PIX, outbound ICMP is enabled by default unless you have disabled it. For
inbound traceroute, you can use
access-group incoming in interface outside
access-list incoming permit icmp any host 1.1.1.1 unreachable
access-list incoming permit icmp any host 1.1.1.1 time-exceeded
1.1.1.1 is your UNIX host ip. Do you use PAT or NAT in your outbound
connection?
William
> Hi,
>
> Recently I replaced my old firewall with a Cisco PIX one, and translated
all
> commands, now everything seems to be fine except I cannot get out from my
> Sun 5.8 (no ping and traceroute outside), also I cannot open a page (port
> 80)on this box from outside, this is the only Unix based machine I have,
and
> all other servers and workstations are Windows and they seem to be fine. I
> deleted the mac address for the old firewall using arp -d but didn't work.
> Does anyone know how to fix this problem?
>
>
>
> Thanks in advance for any help.
>
>
>
>
>
>
| 
XML site map