12-23-2004 11:51 AM - edited 02-20-2020 11:49 PM
I have a server on the inside interface that I need to have printing to a printer on the outside interface. It was working fine, but has somehow quit working. No errors are showing up in the syslog, so I was hoping that someone would take a quick look at my current config and let me know if a problem exists.
Current config:
PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password XXXXXX encrypted
passwd XXXXXX encrypted
hostname PIX-2
domain-name nexstore.internal
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 10.0.X.100 IBM_POS_Server
name 192.168.X.93 HP_4350
access-list inside_access_in permit icmp host IBM_POS_Server any
access-list inside_access_in permit tcp host IBM_POS_Server eq lpd host HP_4350 eq lpd
access-list outside_access_in permit icmp any host IBM_POS_Server
access-list outside_access_in permit tcp any gt 1023 host IBM_POS_Server eq telnet
pager lines 24
logging on
logging trap informational
logging host outside 192.168.X.10
icmp permit any outside
icmp permit any inside
mtu outside 1500
mtu inside 1500
ip address outside 192.168.X.2 255.255.255.0
ip address inside 10.0.X.2 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 204.x.x.x.255.255.255 inside
pdm location 192.168.X.11 255.255.255.255 outside
pdm location IBM_POS_Server 255.255.255.255 inside
pdm location 192.168.X.10 255.255.255.255 outside
pdm location HP_4350 255.255.255.255 outside
pdm location HP_4350 255.255.255.255 inside
pdm logging debugging 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) IBM_POS_Server IBM_POS_Server netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route inside IBM_POS_Server 255.255.255.255 10.0.X.2 1
route inside 204.90.X.225 255.255.255.255 10.0.X.1 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.X.11 255.255.255.255 outside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:xxxxx
: end
Thanks for any assistance!
Regards,
Rick
12-23-2004 04:34 PM
Hi,
I have doubt about this access-list
access-list inside_access_in permit tcp host IBM_POS_Server eq lpd host HP_4350 eq lpd
could you add another entry there like this
access-list inside_access_in permit tcp host IBM_POS_Server host HP_4350 eq lpd
thanks
Nadeem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide