Re: PIX stat translation not working

Wed, 23 Feb 2000 12:19:08 -0800 

tip a:  use the GUI tool.
tip b:  make sure your conduits/translations are not backwards (please don't take that 
the wrong way.. I have fixed more than one PIX fw that had the translations backwards).


Carric Dooley
Network Security Consultant

"A little inaccuracy sometimes saves a ton of explanation. " 
- H. H. Munro (Saki) (1870-1916) 
----- Original Message ----- 
From: Ameet Chaubal <[EMAIL PROTECTED]>
To: Alessandra Moura <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, February 23, 2000 12:36 PM
Subject: Re: PIX stat translation not working


> I do have that entry
> But it still doesn't work.
> 
> ameet
> 
> 
> ----- Original Message -----
> From: Alessandra Moura <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, February 23, 2000 12:13 PM
> Subject: Re: PIX stat translation not working
> 
> 
> >
> > Try this:
> >
> > conduit permit tcp host <valid IP> eq smtp any
> >
> >
> >
> >
> > 23/02/2000 09:58
> > "Ameet Chaubal" <[EMAIL PROTECTED]>
> >
> > From:
> > On:
> >
> >
> >
> >
> >  To:      [EMAIL PROTECTED]
> >
> >  cc:      (bcc: Alessandra Moura/RIO/ANP)
> >
> >
> >
> >  Subject: PIX stat translation not working
> >
> >
> >
> >
> >
> >
> > Hi all
> >
> > I am a bit new to pix firewall . The version we have is 4.2
> > It is a fairly simple setup without dmz.
> > we have a pool of global ip addersses and just one entry for static NAT.
> > I have conduit permit icmp any any command in it.
> > I also have the conduit permit for the static address at port 25 for smtp.
> > The machines inside can go out thr' dynamic NAT fine. I can even ping them
> > from outside.
> > But the problem is for the static translated machine.
> > This machine can go out  and ping anybody  on the internet.
> > But nobody outside seems to be able to see it or ping it. Even telnet at
> 25
> > does not work.
> > I checked everything that I could; there are no outbound access lists.
> > Does fixup have anything to do with this.?
> > Could anybody please suggest something?
> >
> > Thanks a lot
> >
> > ameet
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> 

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to