Re: Alias commands in PIX 5.3

psullivan · ‎11-07-2001

We have a PIX firewall, ver 5.3, a DMZ (192.168.0.0) and an internal (token ring) 140.100.1.0 network. One of our applications needs to have two servers in our DMZ have the ability to communicate via email. Both servers are IP'd in the DMZ but have static commands to an outside IP in the PIX. Apparently, email was functional between these two systems prior to putting them behind the PIX. Since they now have to use IP addresses (either internal or external) for access, this function is no longer available and is necessary. I entered the alias commands which I thought were correct (based on my reading) but they did not work. Could anyone give me a hand here? I surely would appreciate it! Thanks, Carolyn

smahbub · ‎11-15-2001

The alias command is a little hard to understand at first. This should help you out: http://www.cisco.com/cgi-bin/tablebuild.pl/pix

david.mckone · ‎11-15-2001

Exactly which version of software do you have?

The reason I ask is that I did encounter some copies in which the alias command didn't work.

For example, I could ping our web server in the DMZ by name and get the public IP address returned. But as soon as the alias command was entered, then I got no replies at all when I was expecting to see it's private IP address.

Now at the time I think I was using 5.25 and also 5.31.

When I queried the TAC I was informed that this was a problem caused by 5.25 and told to switch to 5.26 and that cured the problem for both copies.

In which case try a newer version of the software.

cnelliott · ‎11-15-2001

We recently upgraded to version 5.3(2). After discussion with a Cisco tech, I discovered the IP's were reversed in the command. Once entered correctly, they worked fine.

Thank you for replying.

Carolyn