09-30-2004 01:40 AM
Hi,
We have a Cisco PIX 515E which is between the local site & remote site.
LAN1 ----Switch1--PIX FW1---Router1----Router2----FW2---LAN2
On FW1 we have
nat (inside) 0 access-list TEST
access-list TEST permit ip <local subnet> any
If we remove the FW1 the application runs fine, but if the PIX is introduced, login to the application is successful but the application session hangs & users are not able to work.
There are no additional rules on FW1 for inside to outside traffic.
Is there anything missing which hangs the app session?
Help will be appreciated.
Thanks
Regards
Mahavir
10-04-2004 08:53 AM
What application is in question? What ports and protocols does it use (i.e. IGMP/multicast, tcp, udp)?
Are there any nat/pat or global/static statements on the pix?
10-04-2004 11:57 AM
Yes, nat 0 (inside) access-list test
acl test is allowed any
One to one natting is done for local machine on the Router 2, hence the nat 0 statement on FW1.
The application is an NCR appn for data processing.
No port level restriction is applied on any n/w devices.
Thanks
Regards
Mahavir