Hi,

I am facing a problem on PIX 515 as described below.
Firewall: Cisco PIX 515
Firewall Software Version: 4.4(7)

PIX setup:
----------

    Host                   Mail Server
216.6.24.130       216.6.24.185  (216.6.24.0 => Public Addresses, Valid Internet Addresses)
         |                           |
         -------------------
                        |
                        |
                        |
                        | - 216.6.24.130   255.255.255.192
                     PIX
                        | - 192.168.2.14 /30
                        |
                        |
                        | - 192.168.2.14 /30
                    Inside
                   Router
                        | - 192.168.2.6 /30
                        |
                        |
                        | - 192.168.2.5 /30
                      ISP
                    Router
                        |
                        |                     |------------ Proxy Server 192.118.52.54
                        |                     |
    ----------------------------|
    |        |                 |               |



PIX Configuration:
--------------------

PIX Version 4.4(7)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd AoM2ZahaIYl9kEoj encrypted
hostname nungunungu
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
pager lines 24
logging on
no logging timestamp
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 auto
interface ethernet1 100basetx
mtu outside 1500
mtu inside 1500
ip address outside 192.168.2.14 255.255.255.252
ip address inside 216.6.24.129 255.255.255.192
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
nat (inside) 0 216.6.24.0 255.255.255.0 0 0
static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0
conduit permit tcp host 216.6.24.177 eq smtp any
conduit permit tcp host 216.6.24.186 eq smtp any
conduit permit tcp any host 192.118.52.54 eq www
conduit permit icmp any any
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
conduit permit tcp host 216.6.24.10 eq domain any
conduit permit tcp host 192.118.52.54 eq 8080 any
conduit permit tcp host 192.118.52.54 eq 3180 any
conduit permit tcp host 192.118.52.54 eq www any
no rip outside passive
no rip outside default
no rip inside passive
no rip inside default
route outside 0.0.0.0 0.0.0.0 192.168.2.13 1
route inside 216.6.24.128 255.255.255.192 216.6.24.129 1
timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community mic-test-03
no snmp-server enable traps
telnet 216.6.24.16 255.255.255.255
telnet timeout 15
terminal width 80


PROBLEM:
--------------

From host 216.6.24.130 I am able to ping the inside interface of the PIX but I
am not able to ping the outside interface, nor am I able to ping the inside
router. Sitting on the PIX I am able to ping the inside host 216.6.24.130
and the servers; also I am able to ping the ISP router and the Proxy server at
the ISP premises.

Why is my inside host not able to go beyond the inside interface of the PIX?
Have I missed some configuration or have I typed a certain command wrongly?
As the 216.6.24.0 network addresses are valid IP addresses, I don't want to use NAT.

Kindly assist me on this.

Thanks & Regards,
Avi.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40489&t=40489
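
Added example, not part of the original post: a short Python check over the address and translation lines of the configuration above, reporting what the `static` line as written maps the 216.6.24.0 addresses to and which ranges it overlaps. It assumes the PIX `static` argument order of global address first and local address second; the function names are this example's own.

```python
import ipaddress
# Address and translation lines copied from the configuration posted above.
CONFIG = """\
ip address outside 192.168.2.14 255.255.255.252
ip address inside 216.6.24.129 255.255.255.192
nat (inside) 0 216.6.24.0 255.255.255.0 0 0
static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0
"""

def parse(config):
    """Collect interface addresses, nat 0 ranges and static (global, local) pairs."""
    ifaces, nat0, statics = {}, [], []
    for f in (l.split() for l in config.splitlines() if l.strip()):
        if f[:2] == ["ip", "address"]:
            ifaces[f[2]] = ipaddress.ip_interface(f"{f[3]}/{f[4]}")
        elif f[0] == "nat" and f[2] == "0":
            nat0.append(ipaddress.ip_network(f"{f[3]}/{f[4]}"))
        elif f[0] == "static":
            # Assumed order: static (int,ext) <global> <local> netmask <mask>
            mask = f[f.index("netmask") + 1]
            statics.append((ipaddress.ip_network(f"{f[2]}/{mask}"),
                            ipaddress.ip_network(f"{f[3]}/{mask}")))
    return ifaces, nat0, statics

def audit(config):
    # Report address-changing statics and overlaps with interfaces and nat 0.
    ifaces, nat0, statics = parse(config)
    findings = []
    for glob, local in statics:
        if glob != local:
            findings.append(f"static rewrites {local} to {glob}")
        for name, iface in ifaces.items():
            if iface.ip in glob:
                findings.append(
                    f"static global range {glob} contains {name} interface address {iface.ip}")
        for net in nat0:
            if net.overlaps(local):
                findings.append(f"nat 0 {net} and static both cover {local}")
    return findings

def translated(config, host):
    """Address a local host would carry on the outside under the static lines."""
    _, _, statics = parse(config)
    addr = ipaddress.ip_address(host)
    for glob, local in statics:
        if addr in local:
            return str(glob.network_address + (int(addr) - int(local.network_address)))
    return host
```
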