Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1162
Views
0
Helpful
1
Replies

Can PIX allow inbound connection with same Network as inside

mjhagen
Level 1
Level 1

‎01-11-2002 08:01 AM - edited ‎02-20-2020 09:57 PM

I have a situation with an office attached to our internal network via a T/3 and sharing the same internal IP address space. Both offices have different ISP's. I also have a test web server on our internal network and it is being static assigned an external IP address from our pool at office A. The problem I am having is with office B trying to get to that external IP address from their ISP. Is the firewall blocking this?

0 Helpful
1 Reply 1

murabi
Level 4
Level 4

‎01-18-2002 07:05 AM

You’ll have to look at the PIX logs to see if the packet is arriving at the outside interface of the pix. The easiest way to do this is to turn on debug icmp and ping the static IP address from the remote site. If you see icmp packets on the debug, dig further into the debugging syslog files to see what is being denied. I assume you’ve setup a conduit allowing these packets in. If the source IP address on the remote site is the same network as the inside network, your host inside will assume the packet came from one of the hosts on it’s own wire and will never use the gateway (PIX) to return the packet to the remote site. Consider using rfc1918 reserved network addresses internally.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card