
Not able to ping to this IP

Hi, 

Please see the attached diagram. This is the setup.

From the PC VLAN (VLAN 200) I am able to ping other servers on VLAN 300, except the servers 172.19.100.101 and 172.19.100.102.

I don't know why I can't ping these 2 servers. I suspect it is because of this firewall, but I don't know about the configuration.

Please help me to verify.

Below is the config of the PIX:

======================

klccPix# sh run
: Saved
:
PIX Version 6.3(1)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 intf2 security4
enable password fgDKmzUvSvGTzykR encrypted
passwd fgDKmzUvSvGTzykR encrypted
hostname klccPix
domain-name IST.COM
clock timezone MYT 8
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol ils 389
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
name 172.19.100.23 Linux_File_Srv
name 172.19.0.0 IsetanKLCC_LAN
name 203.127.255.65 NECSAP_Admin
name 172.19.100.11 Database_Srv
name 172.29.0.0 isetanKLCC_LAN2
name 203.127.251.181 NECSAP_DB
name 203.127.251.254 NECSG
name 175.145.155.50 necare
name 202.46.125.251 OU_Mgmt

access-list inside_access_in permit tcp host Linux_File_Srv any
access-list inside_access_in permit tcp host Linux_File_Srv any eq domain
access-list inside_access_in permit udp host Linux_File_Srv any eq domain
access-list inside_access_in permit icmp host Linux_File_Srv any
access-list inside_access_in permit icmp host Database_Srv any echo-reply
access-list inside_access_in permit tcp host Database_Srv any object-group DB_access
access-list inside_access_in permit tcp any any object-group Email_Services
access-list inside_access_in permit tcp any any eq domain
access-list inside_access_in permit udp any any eq domain
access-list inside_access_in permit icmp any any
access-list inside_access_in permit tcp any any object-group Linux_Services
access-list inside_access_in permit tcp host 172.19.100.64 any
access-list outside_access_in permit tcp host NECSAP_Admin host 203.115.205.28 object-group Linux_Services
access-list outside_access_in permit tcp any host 203.115.205.28 eq https
access-list outside_access_in permit tcp any host 203.115.205.28 object-group ssh_defined
access-list outside_access_in permit icmp host NECSG host 203.115.205.29 log
access-list outside_access_in permit tcp host NECSG host 203.115.205.29 object-group DB_access log
access-list outside_access_in permit icmp host 60.49.155.154 host 203.115.205.29 log
access-list outside_access_in permit tcp host 60.49.155.154 host 203.115.205.29 object-group DB_access log
access-list outside_access_in permit tcp object-group NEC_ASIA host 203.115.205.28 object-group ssh_defined
access-list outside_access_in permit ip 172.19.100.96 255.255.255.240 interface inside
access-list outside_access_in permit tcp any host 203.115.205.30 object-group RDP
access-list outside_access_in permit tcp any host 203.115.205.26 object-group RDP
access-list outside_access_in permit tcp any host 172.19.100.20 eq https
access-list inside_outbound_nat0_acl permit ip any 172.19.100.96 255.255.255.240
access-list inside_outbound_nat0_acl permit ip any host 172.59.1.1
access-list outside_cryptomap_dyn_20 permit ip any 172.19.100.96 255.255.255.240
no pager
logging on
logging timestamp
logging trap warnings
logging facility 22
logging device-id string pixfirewall
logging host inside Linux_File_Srv
icmp permit host necare outside
icmp permit host 219.92.227.57 outside
icmp permit IsetanKLCC_LAN 255.255.0.0 inside
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 203.115.205.27 255.255.255.248
ip address inside 172.19.100.20 255.0.0.0
no ip address intf2
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action alarm
ip audit attack action alarm
ip local pool klccippool 172.19.100.96-172.19.100.99

arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 203.115.205.28 Linux_File_Srv netmask 255.255.255.255 0 0
static (inside,outside) 203.115.205.29 Database_Srv netmask 255.255.255.255 0 0
static (inside,outside) 203.115.205.30 172.19.100.17 netmask 255.255.255.255 0 0
static (inside,outside) 203.115.205.26 172.19.100.64 netmask 255.255.255.255 0 0
static (inside,outside) 172.19.100.20 172.19.100.20 netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 203.115.205.25 1
route inside 172.19.100.64 255.255.255.255 172.19.100.20 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 0.0.0.0 0.0.0.0 outside
http 172.19.100.64 255.255.255.255 inside

klccPix#

 

 

shine pothen

Hi Khairul_nizam,

From your diagram we can understand that the inter-VLAN routing is done by the router (router on a stick).

Since you are trying to access the servers from within your network, I do not think we need to check the firewall configuration.

The switch shown in your diagram is an L2 switch (access layer switch).

In order to help you, please post the configuration of your router:

Configuration of router

IOS, make and model number

Configuration of switch

Make, model number and IOS used.

Potha

 

Hi,

Did you try this?

ciscoasa(config)# same-security-traffic permit intra-interface

HTH