Have a 3640 connecting to ISP via PPPoE in FA and a point to point T1 on Serial. Default route is pppoe and then static routes for IP's on the other end of the T1. Pinging from inside the 3640 works fine to either the web or a pc at the other end of the t1.
Have a pix behind the router to firewall. It has one route - the 3640. Web works great, but not getting to the T1. Have enabled pings and can ping the web, but can't ping pc on T1.
How can I debug? Suggestions to look for?
Pertinent pieces of config below and full configs attached.
ip address outside 6x.x.x.166 255.255.255.252
ip address inside 10.10.1.254 255.255.255.0
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.10.1.0 255.255.255.0 0 0
static (inside,outside) tcp 6x.x.x.166 ftp 10.10.1.5 ftp netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 6x.x.x.165 1
ip address 6x.x.x.165 255.255.255.252
no cdp enable
no ip address
pppoe-client dial-pool-number 1
ip address 172.18.0.1 255.255.255.252
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip tcp adjust-mss 1452
dialer pool 1
no cdp enable
ppp authentication chap callin
ppp chap hostname s****@********.net
ppp chap password 0 *******
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.255.255.0 Serial2/0
ip route 10.1.1.0 255.255.255.0 Serial2/0
When you ping from the 3640, you are sourcing from the serial interface T1 which I assume the remote network knows about because you get a successful reply.
When you ping from the PIX, you are sourcing from its outside interface 6x.x.x.166 and I'm sure the remote network does not have a route to that IP via the serial, does it?