Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
228
Views
0
Helpful
1
Replies

Client can't go to Internet in 2 PIX config..

MCGSmartnet
Level 1
Level 1

‎03-07-2005 11:05 AM - edited ‎02-20-2020 11:59 PM

Hi,

I'm trying to connect a client to the Internet using a 2 firewall scenario. I have an Internet FW and a DB Firewall with a WebServer in between. Right now, I want the clients on the inside of the DB FW to connect all the way to the Internet. What syntax/entries do I need on one/both of the Firewalls in order to make this happen? or if this is possible at all. Any suggestions are welcome.

Internet <-- Internet Router <-- Internet FW <-- Switch <-- WebServer <-- Switch <-- DB Firewall <-- Client

Internet Firewall

ip address outside 208.205.172.2 255.255.255.0

ip address inside 192.168.3.1 255.255.255.0

DB Firewall

ip address outside 192.168.8.1 255.255.255.0

ip address inside 192.168.2.1 255.255.255.0

WebServer (has 2 NICs)

Outside NIC 192.168.3.39

Inside NIC 192.168.8.39

TIA

Tom

0 Helpful
1 Reply 1

fragomez
Level 1
Level 1

‎03-07-2005 11:31 AM

Hi!

Couple of questions:

1) Is the WebServer able to ping 192.168.3.1?

2) Is the DB firewall able to ping the ip 192.168.3.1?

3) Is the WebServer doing the routing?

If all is yes, then do this:

Internet Firewall:

nat (inside) 1 0 0

global (outside) 1 interface

DB Firewall:

nat (inside) 1 0 0

global (outside) 1 interface

If all connectivity is working fine this should do the trick, just make sure you have the proper DNS settings on your PCs behind the DB firewall.

Frank

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card