About petersontom

petersontom · 08-23-2005

I have a test web server inside our DMZ that accesses a sql server on the inside network. The problem is when I create the access rule access-list DMZ_inf_in permit tcp host 172.16.10.250 eq 1433 host 10.10.2.28 eq 1433 and create the static routesta...

petersontom · 08-25-2005

Okay, I found the problem. Unbelievable, one of our network administrators had mistakly plugged in a network cable from the DMZ switch to the internal LAN switch. Thank you for all your help.

petersontom · 08-24-2005

Here is a very stripped version of the configPIX Version 6.1(4)nameif ethernet0 outside security0nameif ethernet1 inside security100nameif ethernet2 DMZ security50fixup protocol ftp 21fixup protocol http 80fixup protocol h323 1720fixup protocol rsh 5...

petersontom · 08-23-2005

Company policy will not allow me to post the config, I contacted Cisco they wanted the access-list changed to:access-list DMZ_inf_in permit tcp host 172.16.10.250 host 10.10.2.28 eq 1433I did this and I still have the problem. here are some trap logs...

petersontom · 08-23-2005

Thank you for your thoughts. However, I have other devices in the DMZ access our internal network without issues. Is there a fix up protocol I'm might be missing? It seems to be the static NAT causing the current issue.

petersontom · 08-23-2005

I'm sorry for the confusion.The DMZ ip address 172.16.10.250 (Web server)SQl Server 10.10.2.8 (Inside network)The address 10.10.31.7 is a workstation on the inside network pinging the SQl server.Here is the access-list for the web server to access th...

Member Since	‎08-23-2005 06:40 AM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	7

User Statistics

User Activity

PIX/DMZ problems

Re: PIX/DMZ problems

Re: PIX/DMZ problems

Re: PIX/DMZ problems

Re: PIX/DMZ problems

Re: PIX/DMZ problems