I have replaced an OpenBSD-based firewall with a PIX 501 and it seems very nearly perfect. However, there are a few PAT forwards that don't seem to be working from networks OUTSIDE our external netblock, and I cannot for the life of me figure out why.
There are several machines that are on the same external network as the firewall (126.96.36.199/26) which ARE able to access the forwarded ports that don't work from the outside. One of these is SSH forwarding 188.8.131.52 to 10.0.0.196. Machines on the 184.108.40.206/26 network can ssh to 220.127.116.11 (which is forwarded to 10.0.0.196). Machines on other external networks are unable to connect.
I will have to post my config (with substitutions for IPs and security info) in a subsequent post, as the question AND config exceed 4000 characters...
Could someone please take a look and tell me what I've done wrong?