02-08-2006 11:47 AM - edited 02-21-2020 12:41 AM
Hi,
I have just rcvd a 1 Mbps serial Internet link from my ISP. The link is terminated on a Cisco 1801 rtr with a public IP of 30 bit mask assigned 2 it. I have also rcvd 6 usable public IP's with 29 bit subnet masks. Out of these IP's I have assigned d 1st 1 to d ethernet port of my Cisco rtr. The ethernet port connects directly 2 a PIX-515E. To PIX I have assigned d second public IP. I have used static routing everywhere. I'm able 2 ping all www IP's from my Internet rtr. The problem I'm facing is tht I am able 2 ping all interfaces of the Internet rtr from my PIX but unable 2 ping d ISP's def gateway & any wwww IP's. In my PIX I have set the def gateway as d public IP of d ethernet interface of my Internet rtr. Can any1 tell me wht is d exact config mistake. Do I have 2 change any IP's or subnet mask.
Thnx in advance
02-08-2006 04:25 PM
Can you post the config on your pix it would help quite a bit.
I would chech that your permitting icmp through your pix.
icmp permit any any outside
Patrick
02-08-2006 07:04 PM
thnx 4 d quik response. its difficult 4 me 2 edit & post d pix config. anyways from pic i'm able 2 ping all interfaces of d internet rtr.
02-15-2006 09:44 AM
Hi,
With the limited amount of information that you have specified, I can say that:
Since you assigned 2 addresses of the /29 subnet to your Router-to-PIX segment, both the router and the PIX will no longer forward any packet destined to your internal hosts; both will assume that this is an internal request and will try to connect to it by ARPing and looking on the LAN layer.
You might consider adding individual static routes on your router for each of your 4 IPs left such as:
(config)#ip route x.x.x.x 255.255.255.255 y.y.y.y
where x.x.x.x is your host Ip and y.y.y.y is the PIX outside IP.
Don't forget to also make sure that your router has a default route pointing to the ISP router interface.
Hope you find it relative or helpful.
Salem.
02-16-2006 01:40 AM
Thnx Salem 4 ur help. Actually I had already added those routes with 255.255.255.255 but it still didn't work. It was a very simple problem. The ISP had given me a wrong IP which they rectified later. Since the ISP didn't have anu routes defined 4 their wrong IP range nothing worked. Now everthing is working fine. BTW no routes need 2 b defined 4 d public pool since it comes as Connected Route from Internet Router 2 PIX interface & d Internet Router is already aware of d next hop 4 those public IP's (tht is PIX). Thnx 1ce again 4 ur help.
Regards,
Baudhayan Lahiri
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: