Hi All,
I am having a problem configuring the Pix's DMZ interface specifically
getting it to talk to the inside and also having the inside talking to
it. Here's the scenario:
I have 3 interfaces on a Pix 520 running 6.0(1). I have a inside
interface which is on the 192.168.1.0 network, dmz which is on
172.22.100.0 network, and outside which is 62.20.100.x Class C network.
I want inside boxes to be able to access a pc on the dmz called DMZPC
with ip address of 172.22.100.100. I also want the DMZPC to be able to
access machines on the inside of the network. All interfaces on the Pix
uses x.x.x.1 for their respective ip addresses.
Currently, my box on the DMZ can access the Internet and the Internet
can access it via a "static (dmz,outside) 62.20.100.131 172.22.100.131
netmask 255.255.255.255 0 0" command.
Here's the output from a show route on my Pix:
outside 0.0.0.0 0.0.0.0 62.20.99.2 1 OTHER static(that's the ip address
of the router on the outside that gets forwarded to our ISP)
outside 62.20.100.0 255.255.255.0 62.20.100.1 1 CONNECT static
dmz 172.22.100.0 255.255.255.0 172.22.100.1 1 CONNECT static
inside 192.168.1.0 255.255.255.0 192.168.1.1 1 CONNECT static
Other commands in my configuration that might be important:
global (outside) 1 62.20.100.7 netmask 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
nat (dmz) 1 0.0.0.0 0.0.0.0 0 0
I have read the Cisco Pix manual and tried the using the syntax in the
manual but I am now more confused than when I started. Can someone
provide me the configuration lines I need to get it working? Any help
or tips would be greatly appreciated.
Thanks!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20333&t=20333
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
