I am trying to set
up a Cisco PIX 515 version 5.2 in a test environment.
We have the
PIX with an outside Cisco26xx router set up (also the route is
configured in the PIX) and 2-3 Solaris servers on each side (inside &
outside) There is also a BIND DNS server on the outside but none on the inside.
The PIX has only 2
interfaces, E0 & E1. E0 is security10 and uses public addresses and E1 is
Security100, using private addresses and NAT (Nat rule in effect: NAT
(inside) 1 0.0.0.0 0.0.0.0 0 0 ).
They have no
problems passing ICMP back and forth or accessing http services on web servers
on either side.
Two Solaris boxes on
the E1 (outside) can reach each other and can access the Apache (SSL)
https:\\ server also on the outside. However, when I try to get a
machine on E1 to reach the SSL server on E0, it fails (but can reach
it using http). We have NO blockages on anything going OUT to a lower
security level.
I am tearing
my hair out. Can anyone suggest what we need to do to get the server on
Security100 to access the SSL server on Security10?
Also, since I"m not
all together sure I'm on the list properly, can you send any replies to my email
address too-not just the list? Thanks!
Amanda Acheson
