Hi, I am facing a problem on PIX 515 as described below. Firewall: Cisco PIX 515 Firewall Software Version: 4.4(7)
PIX setup: ---------- Host Mail Server 216.6.24.130 216.6.24.185 (216.6.24.0 => Public AddressesValid Internet Addresses) | | ------------------- | | | | - 216.6.24.130 255.255.255.192 PIX | - 192.168.2.14 /30 | | | - 192.168.2.14 /30 Inside Router | - 192.168.2.6 /30 | | | - 192.168.2.5 /30 ISP Router | | |------------ Proxy 192.118.52.54 | | Server ----------------------------| | | | | PIX Configuration: -------------------- PIX Version 4.4(7) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd AoM2ZahaIYl9kEoj encrypted hostname nungunungu fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 logging on no logging timestamp no logging console no logging monitor no logging buffered no logging trap logging facility 20 logging queue 512 interface ethernet0 auto interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 192.168.2.14 255.255.255.252 ip address inside 216.6.24.129 255.255.255.192 no failover failover timeout 0:00:00 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 arp timeout 14400 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0 conduit permit tcp host 216.6.24.177 eq smtp any conduit permit tcp host 216.6.24.186 eq smtp any conduit permit tcp any host 192.118.52.54 eq www conduit permit icmp any any conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 conduit permit tcp host 216.6.24.10 eq domain any conduit permit tcp host 192.118.52.54 eq 8080 any conduit permit tcp host 192.118.52.54 eq 3180 any conduit permit tcp host 192.118.52.54 eq www any no rip outside passive no rip outside default no rip inside passive no rip inside default route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 216.6.24.128 255.255.255.192 216.6.24.129 1 timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community mic-test-03 no snmp-server enable traps telnet 216.6.24.16 255.255.255.255 telnet timeout 15 terminal width 80 PROBLEM: -------------- >From host 216.6.24.130 i am able to ping inside interface of the PIX but i am not able to ping the outside inetrface, nor am i able to ping the inside router. Sitting on the PIX i am able to to ping the inside host 216.6.24.130 and the servers, also i am able to ping ISP router and the Proxy server at ISP premieses. Why is my inside host not able to go beyond the inside interface of PIX ? Have i missed on some configuration or have i typed certain command wrongly. As 216.6.24.0 network are valid ip addresses so i don't want to use NAT. Kindly assist me on this. Thanxs & Rgds, Avi. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40489&t=40489 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]