PIX 515 config issues

Unanswered Question

I know I am missing something here I just can't figure it out.. Something doesn't feel right about this config and I am having issues getting from one inside to dmz and inside to outside randomly. Any tips or suggestions on this config?

Inside should be 192.168.0.0 255.255.0.0 network

dmz is 10.0.0.0 255.255.255.0 network

outside is 65.125.117.96 255.255.255.240 network

inside users need to get to dmz and outside, dns resides outside and on a dmz server also, 2 outside ips 65.125.117.99 and 101 should be natted 10.0.0.3 and .4 each with a few ports being forwarded to them and that is all. Basic config nice and easy and something just seems fishy with it..

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vitripat Mon, 07/02/2007 - 18:18

Keeping in mind your requirements, you dont need to have nat/global rules configured the way they are right now. It seems that you are exhausting the IPs in global pool for outbound access and hence facing issues. Try following-

clear global

no nat (inside) 1 10.0.0.0 255.0.0.0

global (outside) 10 interface

clear xlate

Now test the connectivity. There shouldnt be any connectivity issues from inside->dmz.

Regards,

Vibhor.

Actions

This Discussion