cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
252
Views
0
Helpful
2
Replies

Migrating web servers from pix outside to dmz segment

wanghmk1223
Level 1
Level 1

Hi,

I have this issue:

When I migrate a web server using public ip (pix outside segment) to pix dmz segment, though i have a correct static mapping and access-list defined, i just can't get it work. But if the statically assign public ip is different (not in use before), it works.

Suspect Problem:

- arp table at external router not updated.

is my guess right?

Do i need to perform a clear arp at the router before i move the web server from pix outside to the dmz segment?

Any advise?

2 Replies 2

pavlosd
Level 2
Level 2

Well, is always advisable when making a change on the PIX firewall to clear or static translations.

Now, if you had a static translation with a public IP address that has been used, then you might need to clear the xlate (translation) table.

You can always try it....

a.awan
Level 4
Level 4

Yes i believe the arp cache on the router is the exact problem you are facing. Clear the arp and then try.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: