Re: PIX 501
- From: roberson@xxxxxxxxxxxx (Walter Roberson)
- Date: Thu, 28 Jun 2007 05:15:23 GMT
In article <obKdnQYjXrrvlB7bnZ2dnUVZ_ryknZ2d@xxxxxxxxxxxxx>,
Jack <jackm@xxxxxxxxxxxxxxx> wrote:
Our PIX 6.2 has a very strange behavior after I add static (inside,outside)
outside_IP inside_IP netmask 255.255.255.255 0 0
What happen is that after adding I can RDP from outside to this local IP. I
can cannect to Internet form this local IP: however, all other local IPs are
no longer can go to Internet. I can't even ping from the PIX to any IP
outside. As soon as I remove the line everything works just fine. Any
advise? I'm I missing something? Or this is a problem?
What you describe is the behaviour I would expect to see if what
you have listed as outside_IP is the PIX interface IP itself. You cannot
static the entire PIX interface IP: you have to static individual
TCP or UDP ports on it, and you cannot name the PIX outside IP itself
(use the keyword 'interface' instead)
static (inside,outside) tcp interface 25 inside_IP 25 netmask 255.255.255.255 0 0
for TCP port 25.
.
- References:
- PIX 501
- From: Jack
- PIX 501
- Prev by Date: Re: How complicated is it to open a port?
- Next by Date: Re: How complicated is it to open a port?
- Previous by thread: PIX 501
- Index(es):
