Question : PIX configuration: enable ICMP type 3 code 4 from outside

I'm a newbie to CISCO PIX firewalls. My problems is to allow ICMP packages of type 3 code 4 (defragmentation needed) from a specific DSL router to the internal network interface. The following line should allow ICMP type 3 packages - does this allow all subtypes or maybe just code 0 or 1?

PIX1#icmp permit host 192.168.1.3 unreachable outside

How can I specify the type a little bit more specific? Thanks for any help.

Kind regards,
Marc

Answer : PIX configuration: enable ICMP type 3 code 4 from outside

"to allow ICMP packages of type 3 code 4 (defragmentation needed)"
icmp permit xxxxxxxxxxx unreachable is type 3 and all subtypes

"from a specific DSL router to the internal network interface"
icmp permit xxxxxxxxxxxxxxxxxxxx outside does NOT permit the packets to the inside interface

"How can I specify the type a little bit more specific"
You have specified the type; there is no command for the sub-type.

icmp permit host 192.168.1.3 unreachable inside

The issue I see with this--unless you're using this to maintain a vpn--is that hopefully you've simply replaces the ip address of the DSL router with the non-routable 192.168.1.3. If not, you need to replace the 192.168.1.3 with the public address of the DSL router: the external interface address.

Random Solutions

Cisco 7960 to SIP for Broadvoice service

How to setup DNS forwarding

Maximum number of connections exceeded XP SP2

Can't connect to <a rel="nofollow" href="http://www.symantec.com" target="_blank">www.symantec.com</a> (everything else is OK)

Cisco QoS VoIP quality issues

Setting up Polycom over a router.

DNS and Active Directory Help With Crashed Server

Moving Linux Bind to Windows 2003 DNS

printing in ubuntu

Node type = Broadcast = Trojan?