Questions

Answer for:

Cisco Pix 506e firewall blocking Win07 from accessing a specific website?

Message 49 of 52

View entire thread
+
0 Votes
dl_wraith

Access-lists don't work for an interface until you associate them with an interface. This is done via the access-group command.

In your ICMP case all you need is to telnet, enable and conf t (as usual), then:
access-group acl_inside in interface inside

You have one already, associatd with the outside interface. See your existing access-group command? What that says is you've associated the access-list called 'outside' with the interface called 'outside'.

Only one access-group can be associated with an interface at any time but you can have lots of access-list statements under the same name all bundled together using the access-group command. All you've got to do is keep the naming consistent.

I hope that helps.