Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
2
Replies

Migrating web servers from pix outside to dmz segment

wanghmk1223
Level 1
Level 1

‎10-13-2004 07:43 PM - edited ‎02-20-2020 11:40 PM

Hi,

I have this issue:

When I migrate a web server using public ip (pix outside segment) to pix dmz segment, though i have a correct static mapping and access-list defined, i just can't get it work. But if the statically assign public ip is different (not in use before), it works.

Suspect Problem:

- arp table at external router not updated.

is my guess right?

Do i need to perform a clear arp at the router before i move the web server from pix outside to the dmz segment?

Any advise?

0 Helpful
2 Replies 2

pavlosd
Level 2
Level 2

‎10-13-2004 09:00 PM

Well, is always advisable when making a change on the PIX firewall to clear or static translations.

Now, if you had a static translation with a public IP address that has been used, then you might need to clear the xlate (translation) table.

You can always try it....

0 Helpful

a.awan
Level 4
Level 4

‎10-13-2004 11:04 PM

Yes i believe the arp cache on the router is the exact problem you are facing. Clear the arp and then try.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card