02-11-2003 10:03 AM - edited 02-20-2020 10:33 PM
Our school has purchased a 525 with version 6.1(4) code on it and it will replace a pix 520 with version 5.0(1).
When I installed the exact same config on the new pix, email and our proxy server were not working. Both are natted. All other non natted internal addresses work fine accessing the internet (not using our internal proxy).
What changes are made from the 2 versions of code that could cause this?
02-11-2003 10:11 AM
Did you make sure that you are using the same interface slots on the new Pix 525
02-11-2003 10:18 AM
Changed the ip addresses but this it the config
Building configuration...
: Saved
:
PIX Version 5.0(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
fixup protocol ftp 21
fixup protocol http 80
fixup protocol smtp 25
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol sqlnet 1521
names
pager lines 24
no logging timestamp
no logging standby
no logging console
no logging monitor
no logging buffered
logging trap errors
logging facility 20
logging queue 512
logging host inside X.X.X.X
interface ethernet0 100basetx
interface ethernet1 100basetx
mtu outside 1500
mtu inside 1500
ip address outside 168.1.1.3 255.255.255.0
ip address inside 172.16.28.4 255.255.254.0
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
global (outside) 1 168.169.1.10
nat (inside) 1 172.16.28.9 255.255.255.255 0 0 (proxy server)
nat (inside) 0 172.16.0.0 255.255.0.0 0 0
static (inside,outside) 168.169.1.29 172.16.28.21 netmask 255.255.255.255 0 0 (email)
access-list 111 permit tcp any host 168.169.1.29
access-group 111 in interface outside
no rip outside passive
no rip outside default
no rip inside passive
no rip inside default
route outside 0.0.0.0 0.0.0.0 168.169.1.1 1
route inside 172.16.0.0 255.255.0.0 172.16.28.1 1
timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
telnet timeout 5
terminal width 80
Cryptochecksum:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
: end
[OK]
nfhs-firewall#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide