I have a dmz configured on a pix. In the dmz there is
an ftp server which is functioning properly. can ftp
to it from internal interface and from external
interface.
My problem is that I cannot start a session from the
ftp server itself. I cannot ping the dns server (
external w/ ISP). In fact I cannot even ping the
external interface.
My goal is to have virus scan do auto updates.
here relevant config: modified to protect the
innocent.
fixup protocol ftp strict 21
global (dmz1) 1 172.16.3.2-172.16.3.100
nat (dmz1) 1 172.16.3.0 255.255.0.0 0 0
static (inside,outside) w.x.y.z 172.16.1.10 netmask
255.255.255.255 0 0
static (dmz1,outside) a.b.c.d 172.16.3.3 netmask
255.255.255.255 0 0
conduit permit tcp host a.b.c.d eq ftp any
conduit permit tcp host a.b.c.d eq ftp-data any
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
