07-15-2001 03:29 AM - edited 02-20-2020 09:48 PM
I have a pix 520 with 3 ports, at the DMZ there is a web server,I use the static command to allow outside user access the web server,To allow inside user access the web server correctly,I use the alias command to resolve the domain name to DMZ IP address 192.168.1.253.
The question is when I use alias command to resolve the domain name , it works well,the domain ip address isn't the global ip address 211.99.175.50.
but the inside user cann't access the webserver.
at this time,I ping the 192.168.1.253, the pix nat it to the outside pool,but if I ping the 192.168.1.252 etc. the pix nat it to the DMZ .
If I don't use the alias command, when i ping the 192.168.1.253, the pix nat it to the DMZ,that is correct,but you know ,the inside user cann't access the webserver correctly at this time.
What can I do,I need your help
Duzaidong , Thanks
07-15-2001 03:39 PM
I'm not sure I completely understand your situation. However, the behavior of the PIX, using the alias command, has changed in 6.0(1). In 6.0(1), when you use the alias command to DNS fixup (which you are trying to do), the PIX interface will now proxy-arp for the aliased address. This is useful if you are using the alias command for destination NAT, but causes DNS fixup to not work.
After you have implemented the alias command, do a show arp and check the MAC address that is associated with your alias address. You may find that it is one of the PIX interfaces (inside or DMZ). If so, then enabling sysopt noproxyarp (PIX_interface) will resolve the issue.
HTH
Jeff
07-15-2001 09:09 PM
Thanks for your help
According your instruction,I try again but the problem still isn't solved.
when I ping the domain name, The alias command works well, It can transfer the DNS to DMZ address, But the Nat still direct the traffic to the outside interface.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide