PIX 506E configuration

  #1  
Old 15-May-2008, 02:10 PM
rawand

Hi everyone,

This is the first time I am using this site; good luck to everyone.

I have a question please.

I have a PIX firewall and I have only just started to learn it. I have done some configuration. I can ping global IP addresses from HyperTerminal, and I can ping the inside interface (e1) from my PC, but I can't ping the outside interface (e0) from my PC, and of course can't ping a global IP from my PC. Do I have to allow some policy to enable this? How can I access the internet? What is missing?

Outside IP: 79.121.232.98
My configuration is:

PIX Version 6.3(4)
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname pixfirewall
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 10.10.1.5 insidehost
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
ip address outside dhcp
ip address inside insidehost 255.255.0.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
nat (inside) 1 10.10.0.0 255.255.0.0 0 0
route outside 0.0.0.0 0.0.0.0 79.121.232.98 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 10.10.0.0 255.255.0.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 10.10.1.203-10.10.1.205 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd domain ndtc.local
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
: end

 
  #2  
Old 15-May-2008, 05:57 PM
Spice_Weasel
Hi rawand,

Your nat rule is fine -

nat (inside) 1 10.10.0.0 255.255.0.0 0 0

- but you are missing a global command to define global addresses for your connections.

This should help:
global (outside) 1 interface

You need both a nat rule and a corresponding global statement in order to create translations across the PIX.

Spice_Weasel


Oh as I was young and easy in the mercy of his means, Time held me green and dying
Though I sang in my chains like the sea.
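
An added example, not part of any post in this thread: a small Python check for the rule stated above, that a nat rule needs a global statement with the same NAT ID before the PIX can create translations. The sample config is constructed from the NAT-relevant lines of the configuration in post #1, and the function names are hypothetical.

```python
import re

# Constructed sample: the NAT-relevant lines of the PIX 6.3 config in post #1.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nat (inside) 1 10.10.0.0 255.255.0.0 0 0
route outside 0.0.0.0 0.0.0.0 79.121.232.98 1
"""

NAT_RE = re.compile(r"^nat \((\S+)\) (\d+) (\S+) (\S+)")
GLOBAL_RE = re.compile(r"^global \((\S+)\) (\d+) (\S+)")


def parse_nat_globals(config):
    """Return (nat_rules, global_pools) found in a PIX 6.x config."""
    nats, globals_ = [], []
    for line in config.splitlines():
        line = line.strip()
        m = NAT_RE.match(line)
        if m:
            nats.append({"ifc": m.group(1), "id": int(m.group(2)),
                         "net": m.group(3), "mask": m.group(4)})
            continue
        m = GLOBAL_RE.match(line)
        if m:
            # pool is "interface" (PAT) or an address / address range
            globals_.append({"ifc": m.group(1), "id": int(m.group(2)),
                             "pool": m.group(3)})
    return nats, globals_


def unmatched_nat_rules(config):
    """List nat rules whose NAT ID has no global statement.

    NAT ID 0 is skipped: it means "do not translate" and needs no global.
    """
    nats, globals_ = parse_nat_globals(config)
    global_ids = {g["id"] for g in globals_}
    return [n for n in nats if n["id"] != 0 and n["id"] not in global_ids]


if __name__ == "__main__":
    for rule in unmatched_nat_rules(SAMPLE_CONFIG):
        print("nat (%s) %d %s %s has no matching global"
              % (rule["ifc"], rule["id"], rule["net"], rule["mask"]))
```

The check only pairs NAT IDs; it does not look at static translations, access lists, or ICMP handling.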
 
  #3  
Old 16-May-2008, 01:51 PM
rawand
Hi Spice_Weasel,

Thanks for trying to help me.

The line you asked me about:
global (outside) 1 interface

I had another line for the global IP; I have removed it:
global (outside) 1 79.121.232.100-79.121.232.103

These addresses are my global IP addresses.

Still can't ping the outside interface from my PC. Just to remind you, I can ping the inside interface, and can ping global IP addresses from the Cisco terminal.

Thank you,


Rawand

 