Hi Techies,
I have been assigned a project for setting up the security contexts on a PIX firewall.
Please see the below tech details:
I have created two contexts, i.e. Admin & CustA. I have decided to share the Outside interface between the two contexts. I have enabled 'mac-address auto' on the PIX firewall to avoid conflicts between ARP requests. Also, both the physical ports on the L2 switches are configured in trunk mode.
Sh run for Admin Context:
interface inside
nameif inside
security-level 100
ip address 10.126.1.17 255.255.255.0
!
interface outside
nameif outside
security-level 0
ip address 10.10.10.200 255.255.255.0
access-list outside_access_in extended permit icmp any any
global (outside) 1 interface
nat (inside) 1 10.126.1.0 255.255.255.0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.10.2 1
Sh run for CustA Context:
interface E_inside
nameif inside
security-level 100
ip address 10.126.6.250 255.255.255.0
!
interface E_outside
nameif outside
security-level 0
ip address 10.10.10.201 255.255.255.0
access-list outside_access_in extended permit icmp any any
global (outside) 1 interface
nat (inside) 1 10.126.6.0 255.255.255.0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.10.2 1
Problems:
I am able to ping the 10.126.1.X network from the CustA context. However, I am not able to ping the 10.126.6.X network from the Admin context.
I am able to surf the Internet from the Admin context, i.e. from the 10.126.1.X network. However, the DNS server resides on the 10.126.1.X network and hence I am not able to resolve DNS requests from the CustA context.
Could someone please help me to resolve the above-mentioned problem? Let me know if anybody requires any additional information.
Thanks,
JBP