Does anyone have enough familiarity with the Cisco ASA 5500 series firewalls to tell me how to configure it so that I can traceroute (and ping, for that matter) from inside the firewall to the Internet? My current outgoing policy is to allow all traffic from inside to out. I have the feeling that part of the problem may be that the replies to the pings and traceroute packets aren't being mapped back to the inside IP address properly (or at all), but, as much as I hate Cisco firewalls, I find it hard to believe that it cannot do what a $25 home firewall can do.