Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We having a problem that is driving us up the wall!PIX Version 6.3.1 (I know, older version, but should still work)show xlateGlobal 204.124.119.46 Local 192.168.162.37No big deal, I need to point the local address to a new host:no static (inside,outs...
I have a very simple question regarding inbound/outbound connections.My PIX is a Cisco 525 running v6.3 software.We have a MS clustered server that provides 3 IP addresses.1. Virtual IP address for inbound TCP connections (FTP for example) to the cl...
Hello all,We are looking to implement stateful LAN based failover using a pair of Cisco 525 PIX'es. I plan on creating 3 interfaces, inside, outside & DMZ.The documentation is not 100% clear on this, but I know I need another dedicated ethernet inte...
Hello everyone,One of my networks is spread over two locations in NY City. Verizon is providing me a OC-12 fiber handoff so that I can extend one of my VLAN's across these two offices.The current release of the PIX software supports failover via Eth...
Hello all,We are running an old Version 4.2(2) of the PIX Firewall.I have a host on the inside network that can be accessed by hosts on the outside. Some outside hosts know me as one IP address, others need to use another IP address (legacy applicat...
Issue resolved...Well, the last resort solution would have been a restart of the PIX, but I wouldn't be able to do this until the weekend.It turns out the "clear local-host" command solves the issue of clearing the cached old static! I was able to f...
new command, clear local-host?Can someone elaborate on this command vs. clear xlate?when I do a show local-host, I see my phantom xlate listed: local host: <192.168.11.146>, conn(s)/limit = 0/0 embryonic(s)/limit = 0/0, incomplete(s) = 0 ...
Thanks for the help. I'll try a bug check, I already have a TAC case open, but the standard answer is to upgrade the software. We're only using the basic features of the PIX and I can't believe something like this would be fix when I ran the same s...
Thanks Fernando,We did look at this, but unfortunately it'll mean having to modify hundreds of ACL's we already have in place.We're going to try a workaround by creating one outside IP address for ourbound access with a global/NAT and using another a...
After careful reading of the following document:http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/failover.htm#1024836I think it tells me that we can enable failover on a seperate link (if available) or use it with your LAN...
