I also tried doing this via the Access Rules in ASDM, adding a rule to allow icmp traffic from the dmz network to any destination on the inside interface. The inside network currently has only the default 'any less secure network' implicit rule. I always get the following log entry regardless of what I have tried:ĭeny inbound icmp src dmz:IP.OF.DMZ.SERVER dst inside:IP.OF.INSIDE.SERVER (type 8, code 0) Let's say the interfaces are called inside and dmz.Īccess-list allowping permit icmp any any echoĪccess-list allowping permit icmp any any echo-replyĪccess-group allowping in interface insideīut this didn't allow access and I don't know what I did wrong. I've tried a bunch of things and, as is typical when I wrestle with this device, my head is swimming and I can't keep anything straight any more. I don't intend to leave it this way but I would like to set up the ability to ping a specific host on the inside interface from the DMZ interface. I have a dedicated inside interface as well as a separate dmz interface.
0 Comments
Leave a Reply. |