Firewall Configuration Issue

chaitu_kranthi · ‎06-12-2009

Hi,

i am having some issue while configuring PIX firewall in my network.

Please find the network digram for your refernce abt the setup.

As per diagram i am able to reach the firewall using inside interface ip address from remote end Lan.

but there is no traffic passing between outside to inside even if i kept permit ip any any ACL rule.

Can some one send me the basic configuration as per the network diagram.

It will be great help for me.

Farrukh Haroon · ‎06-12-2009

You forgot to attach (I think).

Also post your sanitized configuration.

Regards

Farrukh

chaitu.kranthi · ‎06-13-2009

Hi,

Thanks for your quick reply,

apology for missing the configuration.

Please find the config & network diagram as attachment.

correct me if i am wrong at any where.

My requirement is outside lan has to access remote server through inside interface with out any nat.

Farrukh Haroon · ‎06-13-2009

Can you mention any SPECIFIC flow you are trying to test?

e.g. telnet x.x.x.x port

Also your default route statement seems to be wrong:

route inside 0.0.0.0 0.0.0.0 10.62.249.254 1

The interface you mention is 'inside' but the next-hop is actually the FW's outside interface IP??

It should be the following I guess:

route inside 0.0.0.0 0.0.0.0 10.62.248.XX

Also is your inside interface mask correct? Is it supposed to be /27?

Regards

Farrukh

hussain.ratlami · ‎06-15-2009

Hi,

check your route command, it should be

route inside 10.62.242.0 255.255.255.0 10.62.248.62

also if you have done any Natting, you have to create a NAT exempt rule for the network range you dont want to b Natted.

Let me know for any help you require