gotta put static or nat translation statements for ANY traffic.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
ramesh c
Sent: Friday, November 22, 2002 1:48 AM
To: [EMAIL PROTECTED]
Subject: Pix question [7:57869]
Configuration
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
interface ethernet0 10baset
interface ethernet1 10baset
interface ethernet0 100basetx
ip address outside 209.165.201.2 255.255.255.248
ip address inside 192.168.7.0 255.255.255.0
ip address dmz 172.16.1.0 255.255.255.0
hostname pixfirewall
arp timeout 14400
no failover
names
pager lines 24
logging buffered debugging
access-list acl_out permit tcp any host 209.165.201.19 access-group
acl_out in interface outside route outside 0.0.0.0 0.0.0.0 209.165.201.1
1 access-list ping_acl permit icmp any any access-group ping_acl in
interface inside access-group ping_acl in interface dmz access-list
acl_out permit icmp any any timeout xlate 3:00:00 timeout conn 1:00:00
half-closed 0:10:00
My question is ,can my systems from inside initiate connection to dmz
with the above configuration?.meaning can the Pix act as a router?Since
i read inside can initiate connection to dmz or outside by default
_
Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
http://login.mail.lycos.com/brandPage.shtml?pageId=plusref=lmtplus
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57871t=57869
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
