Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
567
Views
0
Helpful
5
Replies

NAT issue on PIX 515

deanbramndt
Level 1
Level 1

‎07-31-2006 03:51 AM - edited ‎02-21-2020 01:04 AM

hi guys, I have 2 interfaces on this PIX that are alive, an inside interface, and an outside interface

outside 200.200.200.10

inside 192.168.120.0

I can't seem to access anything outside.

Global shows:

global (outside) 1 200.200.200.10

Nat shows:

nat (inside) 1 192.168.120.0 255.255.255.224 0 0

Does anything look out of place here? the outside interface can ping external hosts

Thanks

0 Helpful
5 Replies 5

jmia
Level 7
Level 7

‎07-31-2006 04:30 AM

Try (as an example)....

ip address outside 200.200.200.10 255.255.255.248

ip address inside 192.168.120.1 255.255.255.0

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

Hope this helps and let me know if you need further help/info.

Please rate posts if it helps!

0 Helpful

deanbramndt
Level 1
Level 1
In response to jmia

‎07-31-2006 02:36 PM

Yeah I have had some luck, I can get out to the external internet now, but if I try and access 192.168.120.3 from a host on another network I get:

No translation group found for tcp src outside:172.29.48.245/3210 dst in

side:192.168.120.3/3389

I have added:

static (outside,inside) 192.168.120.0 192.168.120.0 netmask 255.255.255.0

But no luck! :) Any ideas?

0 Helpful

mmorris11
Level 4
Level 4

‎07-31-2006 10:16 AM

If inside 192.168.120.0 is used with a 26 bit mask it is an invalid address. Didn't the cli bark at you for entering this? Am I misunderstanding something?

0 Helpful

deanbramndt
Level 1
Level 1
In response to mmorris11

‎07-31-2006 04:42 PM

I t was a /28 and no, it didn't bark :) I have changed it to a /24 but still no luck with it all. I notice that if I place a static (inside,outside) 192.168.120.0 192.168.120.0 netmask 255.255.255.0 I can access 192.168.120.3 from 172.29.48.245, but then when on that device, I cannot get out to anything external. If I remove that static, and then physically stand in front of the device, I can access the internet no problems, but cannot RDP to it from 172.29.48.245

That IP is on another network, also behind our core router, hope this makes sense?

0 Helpful

mmorris11
Level 4
Level 4
In response to deanbramndt

‎08-02-2006 07:07 AM

can you ping 192.168.120.3 from your PIX?

0 Helpful
Related community topics
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top