About stevensavage

stevensavage · 08-05-2004

Hi allOur LAN uses the 10.x.x.x range and we have multiple sites configured. We recently rebuilt a pix in one of the offices but I'm missing something on it for one specific purpose. We used to be able to VPN into a client site and access machines ...

stevensavage · 08-04-2004

hi folksI have a PIX 515E with a webserver in the DMZ. Using a static command it is on the web with an internet address and can be viewed from anywhere outside the firewall. But users inside cannot view it, by ip address or domain name. Would be g...

stevensavage · 05-19-2004

HiI have a pix 515e that I have setup pptp clients to login to - (address pool 192.168.1.1-10). I have an access list to allow access for these clients to ftp from 10.80.9.50 in the dmz - access-list nat0acl-dmz permit tcp host 10.80.9.50 192.168.1....

stevensavage · 05-17-2004

Hi allHave a Pix 515e that I need some help with - We need to allow external users access to ftp down from our DMZ ftpserver only. Initially it was simple enough as just to have an access list with the source ip address allowed but now we have diali...

stevensavage · 07-19-2005

What ip address do you want to nat the workstation to - and if you don't mind me asking, why do you wish to nat it? It will be able to access the traffic on the other network with no nat. I am just curious

stevensavage · 07-18-2005

If you want just one workstation from Site A for example to access site B and also maintain internet natting for all internal hosts:nat (inside) 1 10.10.10.0 255.255.255.0 0 0 global (outside) 1 [public ip range] #Nats all internet trafficnat (inside...

stevensavage · 07-18-2005

hi gdsnellHave a look at the below;Site A 10.10.10.0Site B 10.10.20.0nat pool on both pixes to the internetnat (inside) 1 10.10.10.0 255.255.255.0 0 0global (outside) 1 [public ip range]Then create a no-nat pool so these ips can talk to each other ov...

stevensavage · 07-05-2005

Further to Jays comment, make sure that traffic is routable back to the PIX i.e. that the default gateway of the switch is the PIX inside address, or its gateway goes to a router which then goes to the PIX

stevensavage · 07-04-2005

Yes - you will have a conflict. The access-lists you created are invalid as you cannot allow/deny access from the same range as you did. Simply change one of the ranges to 192.168.2.0 and you're set.

Member Since	‎05-17-2004 01:57 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	18
Total Helpful Votes Received	3

User Statistics

User Activity

VPN to site with same ip range

PIX 515e - cannot view site from inside

PPTP to DMZ query

Pix ftp from DMZ

Re: Site-to-Site with NAT on a PIX

Re: Site-to-Site with NAT on a PIX

Re: Site-to-Site with NAT on a PIX

Re: Telnet through VPN

Re: IPSEC tunnel with both LANs using the same IP scheme