From: george gittins (g.gittins@edinburg.esc1.net)
Date: Wed Feb 12 2003 - 18:04:44 GMT-3
Got it thansks.
George Gittins
Network and Computer Maintenance Supervisor
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
balaji.balakrishnan
Sent: Tuesday, February 11, 2003 2:19 PM
To: george gittins
Cc: ccielab@groupstudy.com
Subject: Re: Pix static problem
Hi george,
If i understood correctly, u r talking about the external user accessing
the web server ( in DMZ ) by name which need to be
resolved by DNS server ( in Inside ).
First , I believe correct conduit command is
Conduit permit any 204.158.241.249 eq 53
next , what is the web server global address and DMZ address. You may need
to create one more pair of static and conduit
statements like,
Static (dmz, outside) server's global server's DMZ net mask
255.255.255.255
conduit permit any server's global eq http
Let me know ur comments.
Rgds,
Bala.
george gittins wrote:
> I have a problem with my pix , I have two dns servers with internal ip
that
> I set up static mappings. However the webserver on the dmz zone I can
only
> hit it via ip, so im assuming that the internal dns mappings is not
working
> when I do a show conduit statement I show no hits for my internal dns.
>
> The ip of my internal dns servers are
>
> 10.16.1.249 & 250
>
> and on the outside
>
> 204.158.241.249
>
> 204.158.241.250
>
> I place these statements
>
> Static (inside, outside) 204.158.241.250 10.16.1.249 netmask
255.255.255.255
>
> Same for the other.
>
> And a conduit statement
>
> Conduit permit 204.158.241.249 eq 53 any
>
> And no luck
>
> Any suggestions
>
> George Gittins
>
> Network and Computer Maintenance Supervisor
> .
.
.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:20 GMT-3