10-06-2003 09:38 AM - edited 03-09-2019 05:03 AM
I'm wanting to allow the internal network to connect to the router, but I believe my PIX is prohibiting this. I'm running PIX version 6.3(2) and here's the layout, which is typical:
Inside -> PIX (515E) -> Router (2600) -> Internet
TIA.
10-06-2003 11:27 AM
mcvosi,
Do you have any access-list configured in your PIX blocking outbound traffic from your LAN? If so, add a line before the deny statement of the access-list: "access-list xxx permit tcp host (workstation IP) host (2600 IP) eq 22".
10-06-2003 11:33 AM
No, currently all outbound connections from the LAN are unrestricted. That's why this puzzles me.
10-06-2003 12:24 PM
Dumb question, but is the router configured right... is there a DES/3DES license installed on it... do a show version and verify DES or 3DES is enabled.
10-06-2003 12:34 PM
Well, thanks for the replies but it seems the nut behind the wheel wasn't secured properly. I forgot to assign the transport to a vty. Doh! It's definitely a Monday! :-)
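An added example, not part of the original thread: a Python check for the misconfiguration the original poster found, a vty line with no SSH transport assigned. The sample config and function names are constructed for illustration, and the script assumes the usual one-space indentation of IOS line subcommands.

```python
import re

# Constructed running-config excerpt (sample input, not from the thread).
SAMPLE_CONFIG = """\
line con 0
line vty 0 4
 login local
 transport input telnet
line vty 5 15
 login local
!
"""

def vty_transports(config):
    """Map each 'line vty' range to its explicit 'transport input' list.
    None means the block has no such line, so the release default applies."""
    result, current = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):
            # Any non-indented line closes the previous line block.
            m = re.match(r"line vty (\d+)(?: (\d+))?\s*$", line)
            current = (int(m.group(1)), int(m.group(2) or m.group(1))) if m else None
            if current:
                result[current] = None
        elif current is not None:
            m = re.match(r"\s+transport input (.+)$", line)
            if m:
                result[current] = m.group(1).split()
    return result

def vty_without_ssh(config):
    """Return (ranges that explicitly exclude SSH, ranges with no explicit setting)."""
    blocked, unset = [], []
    for rng, protos in sorted(vty_transports(config).items()):
        if protos is None:
            unset.append(rng)
        elif not {"ssh", "all"} & set(protos):
            blocked.append(rng)
    return blocked, unset

if __name__ == "__main__":
    print(vty_without_ssh(SAMPLE_CONFIG))
```

Ranges in the second list have no explicit transport line, so their behaviour depends on the IOS release default and should be checked by hand.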
10-10-2003 04:59 AM
You can NAT the inside IP with a public IP and it will allow you to telnet. Apply the following commands.
static (inside,outside) natip nattedip netmask 255.255.255.255
access-list acl_outside permit tcp host nattedip host natip eq telnet
Here natip is the inside LAN IP and nattedip is the public IP.