Message Image

Skip main navigation (Press Enter).

SRX

View Only

last person joined: 5 days ago

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

Pinging external interface

Jump to Best Answer

Erdem11-15-2010 12:02

Hi, What is needed to ping the external interface? I've tried to allow my FW policy to allow all from ...

Erdem11-15-2010 12:39Best Answer

You need to set the host-inbound-traffic -> system-services -> ping for you external interface ...

1. Pinging external interface

0 Recommend
Erdem
Posted 11-15-2010 12:02

Reply Reply Privately
Hi,
What is needed to ping the external interface?
I've tried to allow my FW policy to allow all from zone trust to untrust, and can ping external addresses from trust, using nat, but I'm unable to ping my external interface itself.
thanks.
2. RE: Pinging external interface
Best Answer

0 Recommend
Erdem
Posted 11-15-2010 12:39

Reply Reply Privately
You need to set the host-inbound-traffic -> system-services -> ping for you external interface in the untrust zone.

security-zone untrust { interfaces { ge-0/0/0.0 { host-inbound-traffic { system-services { snmp; ssh; ping; traceroute; } } } } }

Powered by Higher Logic