10-11-2002 06:12 AM - edited 03-02-2019 02:00 AM
Hi:
I have a block of external IP addresses in a /28 range. I have protected my
inner network with a Cisco PIX 515 firewall and have configured the inner
network with a private class c ip block (eg. 192.168.10.0/255.255.255.0). I
have then configured dynamic NAT on the PIX device where the whole inner
network will use the external Interface's IP address with Port address
translation i.e.:
global (outside) 1 interface
nat (inside) 1 192.168.10.0 255.255.255.0 0 0
I have then also allowed icmp bi-directionally between the inside and
outside interfaces using access-lists.
But I am unable to ping (from the inner network) any IP address on the
outside, including the IP address of the outside interface.
My main aim is to give internet access to the devices/servers that are on my
inner network (i.e behind the firewall). Does anyone have any ideas on why
my set up is not working or on alternate ways to set this up.
Thanks.
10-11-2002 07:22 AM
Have you give a static default route on PIX to your internet gateway router on the oustide interface.
route outside 0.0.0.0 0.0.0.0
10-11-2002 07:38 AM
Thanks for responding!! I do have a static route in PIX on the outside interface which is:
route outside 0.0.0.0 0.0.0.0
I am still not able to ping the outside from the inside. Thanks.
10-11-2002 07:45 AM
Are you trying to ping the PIX interface or an ip address on the internet. If its the PIX outside interface you are trying to ping from the inside, PIX wont respond.
10-11-2002 07:52 AM
I am unable to ping any IP address on the internet. I tried to ping the DNS server of our ISP but get a "request time out". I also tried to ping the IP address of the next hop router which is in the same subnet as the outer interface of the PIX but am getting an RTO here as well.
10-11-2002 08:13 AM
Can you input some of relevant configs of the pix and router.
10-11-2002 08:20 AM
I have just emailed the config file to you. I look forward to your input. Thanks!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide