Re: PIX 515 configuration problem !! Help ME!

From: Scott M. Trieste (strieste@xxxxxxxxxxx)
Date: Wed Aug 22 2001 - 09:58:39 GMT-3

• Next message: Dan Pontrelli: "Re: Caslow Book v2"
• Previous message: Schmitt, Greg: "RE: ATM ARP Server"
• Next in thread: Asim Khan: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Asim Khan: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: John Kaberna: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Michael Davis: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Annu: "Re: PIX 515 configuration problem !! Help ME!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Bravo,

It looks like your global NAT (21.23.219.x /24) interferes with your static
21.23.219.2. Try using your outside interface as your outside NAT. You'll
save a ton of address.

Good Luck,

-Scott

----- Original Message -----
From: "bravo" <bravojun@hanmail.net>
To: <ccielab@groupstudy.com>
Sent: Wednesday, August 22, 2001 7:44 AM
Subject: OT: PIX 515 configuration problem !! Help ME!

> --------------PIX-----Router----Internet---Adsl User
> | 515 1720 VPN
> Webserver
>
> Hello I have a PIX problem version 6(0).1
> When remote adsl user want to connet intra-webserver they cannot
> connect web server and could not work icmp...
> The configuration is wrong?
> HELP ME!!
>
> here is configuration
> =================================================
> access-list 100 permit icmp any any echo-reply
> access-list 100 permit icmp any any time-exceeded
> access-list 100 permit icmp any any unreachable
> access-list 100 permit tcp any host 21.23.219.2 eq www
> ---> this is nat sufficient to accecpt internet user to our webserver???
> ---> I think this is key don't you think so?
>
> ip address outside 21.23.219.5 255.255.255.0
> ip address inside 10.10.10.1 255.255.255.0
>
> global (outside) 1 21.23.219.1-21.23.219.254
> --->internet ip pool
>
> static (inside,outside) 21.23.219.2 10.10.10.20 netmask 255.255.255.255 0
0
> ---->web server nat mapping
>
> access-group 100 in interface outside
> route outside 0.0.0.0 0.0.0.0 21.23.219.1 1
> ---->pix default route to router's ethernet interface
>
>
>
>
>
>
>
> Thanks in Advance!!
> Have a Good Day
> Network Specialist
> CCNP,CCNA,CCNP-Voice
>
> ===================================================================
> ?l8. @NEM3], Daum http://www.daum.net
> GQ8^@O3] 55Bx>K82!, 9+A&GQ FD@O@|<[!
> "Q4Y?n9^1b http://messenger.daum.net/
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: Dan Pontrelli: "Re: Caslow Book v2"
• Previous message: Schmitt, Greg: "RE: ATM ARP Server"
• Next in thread: Asim Khan: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Asim Khan: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: John Kaberna: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Michael Davis: "Re: PIX 515 configuration problem !! Help ME!"
• Maybe reply: Annu: "Re: PIX 515 configuration problem !! Help ME!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:55 GMT-3