Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
243
Views
0
Helpful
2
Replies

NO Internet Connection

antinea
Beginner
Beginner

‎03-18-2003 11:32 AM - edited ‎03-09-2019 02:34 AM

Dear All,

I configured NAT on pix (506E)

I can ping any outside host from my pix.

I can also ping any inside host from my pix.

However I cannot ping any host from inside to outside nor internet connection functions.

I repeated the configuration tens and tens of times

I also tried to configure from PDM.

Seems that nothing would go well.

Here's the config.

Could any one help please.

PIX Version 6.2(2)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password 7PmXr29jODRJ.eaI encrypted

passwd 7PmXr29jODRJ.eaI encrypted

hostname tita

domain-name any.net

fixup protocol ftp 21

fixup protocol http 80

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol ils 389

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol sip 5060

fixup protocol skinny 2000

names

access-list inside_access_in permit icmp any any

access-list inside_access_in permit ip any any

access-list outside_access_in permit icmp any any

interface ethernet0 10baset

interface ethernet1 auto

icmp permit any outside

icmp permit any inside

mtu outside 1500

mtu inside 1500

ip address outside 190.93.16.18 255.255.255.248

ip address inside 192.168.22.2 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

pdm location 192.168.22.5 255.255.255.255 inside

pdm history enable

arp timeout 14400

global (outside) 10 190.93.16.19-190.93.16.21 netmask 255.255.255.248

nat (inside) 10 0.0.0.0 0.0.0.0 0 0

access-group outside_access_in in interface outside

access-group inside_access_in in interface inside

route outside 0.0.0.0 0.0.0.0 193.95.16.17 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

http server enable

http 192.168.22.5 255.255.255.255 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

no sysopt route dnat

telnet 192.168.22.5 255.255.255.255 inside

telnet timeout 5

ssh timeout 5

username samir password .KnHwytEP2k92JAD encrypted privilege 15

terminal width 80

Cryptochecksum:abd0f7a4e9339ff5026a3c5c9234cfa1

Labels:
0 Helpful
2 Replies 2

mostiguy
Frequent Contributor
Frequent Contributor

‎03-18-2003 01:03 PM

It looks like you fat fingered your route statement:

193.... should be 190, right? It needs to be on the same subnet as the external interface

0 Helpful

antinea
Beginner
Beginner
In response to mostiguy

‎03-19-2003 03:13 AM

yes you're right

but in my fix this default route was correctly entered as follow

route outside 0.0.0.0 0.0.0.0 190.93.16.17 1

which the address of a cable modem (ADSL)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents