I cannot seem to get the following config to work and am clueless why. My incoming access lists for DMZ and outside are wide open. The goal is not to NAT DMZ ever since its public addressing. I can't even ping hosts on the outside network from PIX. Why am I having these problems?
nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security50 access-list internal permit ip 172.19.90.0 255.255.255.0 any access-list test permit ip any any access-list test permit icmp any any access-list int-dmz permit ip 172.19.90.0 255.255.255.0 83.23.43.0 255.255.255.0 ip address outside 83.23.44.60 255.255.255.192 ip address inside 172.19.90.1 255.255.255.0 ip address dmz 83.23.43.250 255.255.255.0 global (outside) 1 83.23.44.58 nat (inside) 0 access-list int-dmz nat (inside) 1 172.19.90.0 255.255.255.0 0 0 nat (dmz) 0 0.0.0.0 0.0.0.0 0 0 access-group test in interface outside access-group test in interface dmz route outside 0.0.0.0 0.0.0.0 83.23.44.1 1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61043&t=61043 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]