From: Eric Hoffman (skeetin@hotmail.com)
Date: Mon Dec 20 2004 - 11:34:28 GMT-3
Hi,
This line here shows us that you have to have an ip address on the inside of
192.168.1.4, to get to the pdm.
http 192.168.1.4 255.255.255.255 inside
Try setting yourself with an ip address of 192.168.1.4, and then let me know
if you are able to get to it.
E
>From: "Kevin Minihane" <kevin.minihane@eirteic.com>
>Reply-To: "Kevin Minihane" <kevin.minihane@eirteic.com>
>To: "'majid habib'" <majidkk@yahoo.com>
>CC: <ccielab@groupstudy.com>
>Subject: RE: OT:Connectivity to pix 515E
>Date: Mon, 20 Dec 2004 14:12:21 -0000
>MIME-Version: 1.0
>Received: from mc4-f31.hotmail.com ([65.54.190.167]) by mc4-s10.hotmail.com
>with Microsoft SMTPSVC(5.0.2195.6824); Mon, 20 Dec 2004 06:13:24 -0800
>Received: from lists.groupstudy.com ([207.44.210.9]) by mc4-f31.hotmail.com
>with Microsoft SMTPSVC(5.0.2195.6824); Mon, 20 Dec 2004 06:13:07 -0800
>Received: (from sympa@localhost)by lists.groupstudy.com (8.11.6/8.11.6) id
>iBKECi929561;Mon, 20 Dec 2004 09:12:44 -0500
>Received: from groupstudy.com (www.groupstudy.com [209.168.254.36])by
>lists.groupstudy.com (8.11.6/8.11.6) with ESMTP id iBKECZo29535for
><ccielab@lists.groupstudy.com>; Mon, 20 Dec 2004 09:12:35 -0500
>Received: from groupstudy.com (groupstudy.com [127.0.0.1])by groupstudy.com
>(8.12.11/8.12.10) with ESMTP id iBKECVwC013951GroupStudy Mailer; Mon, 20
>Dec 2004 09:12:31 -0500
>Received: (from listserver@localhost)by groupstudy.com
>(8.12.11/8.12.11/Submit) id iBKECVuY013949for GroupStudy Mailer; Mon, 20
>Dec 2004 09:12:31 -0500
>Received: from border01.eirteic.com (border01.eirteic.com [83.137.25.66])
>by groupstudy.com (8.12.11/8.12.10) with ESMTP id iBKECTLs013929
>GroupStudy Mailer; Mon, 20 Dec 2004 09:12:30 -0500
>Received: from mail.eirteic.com by border01.eirteic.com via smtpd (for
>www.groupstudy.com [209.168.254.36]) with ESMTP; Mon, 20 Dec 2004 14:12:28
>+0000
>Received: by mail.eirteic.com (Postfix, from userid 65534) id F188895806E;
>Mon, 20 Dec 2004 14:12:27 +0000 (GMT)
>Received: from EirteicFirewallCluster-c0a85345.eirteic.com
>(EirteicFirewallCluster-c0a85345.eirteic.com [192.168.83.69]) by
>mail.eirteic.com (Postfix) with ESMTP id D39F095806C; Mon, 20 Dec 2004
>14:12:26 +0000 (GMT)
>Received: from [212.17.54.222] ([212.17.54.222]) by
>EirteicFirewallCluster-c0a85345.eirteic.com via smtpd (for
>mail.eirteic.com [192.168.83.71]) with ESMTP; Mon, 20 Dec 2004 14:12:26
>+0000
>X-Message-Info: gUeNUVfFqHCOHftiUytpxXRkJiBTxvwqvJJgv3OPqUY=
>X-Mailer: Microsoft Office Outlook, Build 11.0.5510
>Thread-Index: AcTmmxkuEnN5IWpKQQuqbDfnJk9dsgAArdKA
>X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on mail.eirteic.com
>X-Spam-Status: No, hits=-4.0 required=5.0 tests=AWL,BAYES_00,
>NORMAL_HTTP_TO_IP autolearn=no version=2.64
>X-ASK-Info: Whitelist match [from kevin\.minihane@eirteic\.com] (2004/12/20
>09:12:30)
>X-Loop: ccielab@groupstudy.com
>X-Sequence: 28681
>Errors-to: ccielab-owner@groupstudy.com
>Precedence: bulk
>X-no-archive: yes
>List-Id: <ccielab.groupstudy.com>
>List-Help: <mailto:sympa@groupstudy.com?subject=help>
>List-Subscribe: <mailto:sympa@groupstudy.com?subject=subscribe%20ccielab>
>List-Unsubscribe:
><mailto:sympa@groupstudy.com?subject=unsubscribe%20ccielab>
>List-Post: <mailto:ccielab@groupstudy.com>
>List-Owner: <mailto:ccielab-request@groupstudy.com>
>Return-Path: ccielab-owner@groupstudy.com
>X-OriginalArrivalTime: 20 Dec 2004 14:13:07.0413 (UTC)
>FILETIME=[0740E050:01C4E69E]
>
>Sorry,
>
>I should have posted my configuration in my original mail
>
>Thanks once again
>
>Kevin
>
>
>
>
>PIX Version 6.3(3)
>
>interface ethernet0 auto
>
>interface ethernet1 auto
>
>nameif ethernet0 outside security0
>
>nameif ethernet1 inside security100
>
>enable password SV1vwQoGOZ8rZtFQ encrypted
>
>passwd 2KFQnbNIdI.2KYOU encrypted
>
>hostname test-pix
>
>domain-name test.domain
>
>fixup protocol dns maximum-length 512
>
>fixup protocol ftp 21
>
>fixup protocol h323 h225 1720
>
>fixup protocol h323 ras 1718-1719
>
>fixup protocol http 80
>
>fixup protocol rsh 514
>
>fixup protocol rtsp 554
>
>fixup protocol sip 5060
>
>fixup protocol sip udp 5060
>
>fixup protocol skinny 2000
>
>fixup protocol smtp 25
>
>fixup protocol sqlnet 1521
>
>fixup protocol tftp 69
>
>names
>
>access-list 101 permit ip any any
>
>pager lines 24
>
>icmp permit host 192.168.5.2 outside
>
>icmp permit 192.168.1.0 255.255.255.0 inside
>
>mtu outside 1500
>
>mtu inside 1500
>
>ip address outside 192.168.x.x 255.255.255.0
>
>ip address inside 192.168.1.1 255.255.255.0
>
>ip audit info action alarm
>
>ip audit attack action alarm
>
>no failover
>
>failover timeout 0:00:00
>
>failover poll 15
>
>no failover ip address outside
>
>no failover ip address inside
>
>pdm history enable
>
>arp timeout 14400
>
>access-group 101 in interface outside
>
>access-group 101 in interface inside
>
>conduit permit icmp any any
>
>route outside 0.0.0.0 0.0.0.0 192.168.x.x 1
>
>timeout xlate 3:00:00
>
>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
>1:00:00
>
>timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
>
>timeout uauth 0:05:00 absolute
>
>aaa-server TACACS+ protocol tacacs+
>
>aaa-server RADIUS protocol radius
>
>aaa-server LOCAL protocol local
>
>http server enable
>
>http 192.168.1.4 255.255.255.255 inside
>
>no snmp-server location
>
>no snmp-server contact
>
>snmp-server community public
>
>no snmp-server enable traps
>
>floodguard enable
>
>telnet timeout 5
>
>ssh timeout 5
>
>console timeout 0
>
>dhcpd address 192.168.1.4-192.168.1.20 inside
>
>dhcpd dns 192.168.x.x
>
>dhcpd lease 3600
>
>dhcpd ping_timeout 750
>
>dhcpd enable inside
>
>terminal width 80
>
>Cryptochecksum:7f8495ed53b6119ec5d5ab30b9b4ce60
>
>: end
>
>-----Original Message-----
>From: majid habib [mailto:majidkk@yahoo.com]
>Sent: 20 December 2004 13:52
>To: Kevin Minihane
>Subject: Re: OT:Connectivity to pix 515E
>
>use https intead of http for pdm access
>
>--- Kevin Minihane <kevin.minihane@eirteic.com> wrote:
>
> > Hi
> >
> >
> >
> > I'm having a few problems connecting to a PIX 515E.
> > I want to use PDM as
> > I'm not very confidant with PIX technology.
> >
> > Every Cisco site/document I've read tells me I can
> > connect to the inside
> > interface (which by default has an IP address of
> > 192.168.1.1/24) as long as
> > I connect it to a hub/switch, and give my PC an
> > address in the same subnet./
> > I've done this, but am still unable to connect to
> > http://192.168.1.1/startup.html as the documents say
> >
> >
> >
> > Does anyone have any idea on what may be wrong?
> > This is a brand new pix ,
> > out of the box, with a default installation.
> >
> >
> >
> > I'd greatly appreciate any help
> >
> >
> >
> > Thanks
> >
> >
> >
> > Kevin
> >
> >
>_______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Yahoo! Mail - You care about security. So do we.
>http://promotions.yahoo.com/new_mail
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:28 GMT-3