PIX 501 help

Unanswered Question
Sep 6th, 2006
User Badges:

Hi,


I have configure the PIX501 to have the following:


Inside Int: 192.168.0.1

Outside Int: 203.123.132.131


From the PIX console, I am able to ping to outside IP ( external IP such as goolgle ..etc ) and I am able to ping to the server connected to one of the server which is having 192.168.0.202 IP. However, from the server side, I am not able to ping out to any of the host reside externally such as google..etc


Need you guys help to shade some lights.


THanks,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vijayasankar Wed, 09/06/2006 - 21:29
User Badges:
  • Silver, 250 points or more

hi,


Can you post the config ( removing the sensitive details, public ip etc) here for us the check.


We would like to check the nat/global/acl/route configurations.


-VJ

Fernando_Meza Wed, 09/06/2006 - 21:32
User Badges:
  • Gold, 750 points or more

Hi .. you need to create a PAT for going out


nat (inside) 1 access-list OUTbound

global (outside) 1 interface


access-list OUTbound permit icmp any any <- allows ICMP

access-list OUTbound permit IP any any <- allows all




I hope it helps .. please rate if it does !!!






andy_saw_18 Sun, 09/10/2006 - 19:50
User Badges:

thanks but I believe there's some routing issue.


pix501(config)# sh route

outside 0.0.0.0 0.0.0.0 203.123.132.1 1 OTHER static

inside 192.168.0.0 255.255.255.0 192.168.0.1 1 CONNECT static

outside 203.123.132.0 255.255.255.0 203.123.132.131 1 CONNECT static


My Linux server routing table:


[[email protected] ~]# route -n

Destination Gateway Genmask Flags Metric Ref Use Iface

203.123.132.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1

0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0


Thanks,

Actions

This Discussion