Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi allOur LAN uses the 10.x.x.x range and we have multiple sites configured. We recently rebuilt a pix in one of the offices but I'm missing something on it for one specific purpose. We used to be able to VPN into a client site and access machines ...
hi folksI have a PIX 515E with a webserver in the DMZ. Using a static command it is on the web with an internet address and can be viewed from anywhere outside the firewall. But users inside cannot view it, by ip address or domain name. Would be g...
HiI have a pix 515e that I have setup pptp clients to login to - (address pool 192.168.1.1-10). I have an access list to allow access for these clients to ftp from 10.80.9.50 in the dmz - access-list nat0acl-dmz permit tcp host 10.80.9.50 192.168.1....
Hi allHave a Pix 515e that I need some help with - We need to allow external users access to ftp down from our DMZ ftpserver only. Initially it was simple enough as just to have an access list with the source ip address allowed but now we have diali...
What ip address do you want to nat the workstation to - and if you don't mind me asking, why do you wish to nat it? It will be able to access the traffic on the other network with no nat. I am just curious
If you want just one workstation from Site A for example to access site B and also maintain internet natting for all internal hosts:nat (inside) 1 10.10.10.0 255.255.255.0 0 0 global (outside) 1 [public ip range] #Nats all internet trafficnat (inside...
hi gdsnellHave a look at the below;Site A 10.10.10.0Site B 10.10.20.0nat pool on both pixes to the internetnat (inside) 1 10.10.10.0 255.255.255.0 0 0global (outside) 1 [public ip range]Then create a no-nat pool so these ips can talk to each other ov...
Further to Jays comment, make sure that traffic is routable back to the PIX i.e. that the default gateway of the switch is the PIX inside address, or its gateway goes to a router which then goes to the PIX
Yes - you will have a conflict. The access-lists you created are invalid as you cannot allow/deny access from the same range as you did. Simply change one of the ranges to 192.168.2.0 and you're set.
