12-16-2011 09:16 AM - edited 03-11-2019 03:02 PM
Hi,
I just configure my PIX 515E with version 7.0(4) and having problems to get traffic out on eth0 (if name outside). There is no problems between different VLAN ,all VLANs are configure on eth1. It is also possible to accass services on VLAN 10 (DMZ) from outside. The only thing I see in syslog is "Built Outbound" and "Teardown".
See my configuration in attached file.
Regards
Mikael
Solved! Go to Solution.
12-16-2011 09:48 AM
Hi Mikael,
Yes that's right, you would need this:
nat (inside) 1 0 0
nat (wlan) 1 0 0
nat (client) 1 0 0
nat (server) 1 0 0
nat (dmz) 1 0 0
global (outside) 1 interface
Hope this helps.
please do rate helpful posts.
Thanks,
Varun
12-16-2011 11:03 AM
for 13 to 10 add:
static (dmz,client) 192.168.10.0 192.168.10.0
Varun
12-16-2011 09:26 AM
Hi Mikael,
You are missing this statement:
nat (inside) 1 0.0.0.0 0.0.0
global (outside) 1 interface
and please remove this:
nat (inside) 0 0.0.0.0 0.0.0.0
It shoudl work after this.
Hope that helps.
Thanks,
Varun
12-16-2011 09:43 AM
Thanks Varun for quick answer.
I'm sitting on VLAN 13 (client) and I'm still not able to "get out". Do I have to create nat entry for all VLANs?
/Mikael
12-16-2011 09:48 AM
Hi Mikael,
Yes that's right, you would need this:
nat (inside) 1 0 0
nat (wlan) 1 0 0
nat (client) 1 0 0
nat (server) 1 0 0
nat (dmz) 1 0 0
global (outside) 1 interface
Hope this helps.
please do rate helpful posts.
Thanks,
Varun
12-16-2011 09:56 AM
You are my hero, it works!
Regards Mikael
12-16-2011 10:00 AM
My Pleasure
Varun
12-16-2011 10:22 AM
I was so lucky when I reach out that I forgot to test to connect to the other VLAN:s... and of cours that is not working...
"No translation group found for tcp src client:192.168.13.102/51074 dst dmz:srv004/22"
/Mikael
12-16-2011 10:45 AM
From whihc vlan are you trying to connect to whihc vlans??
Varun
12-16-2011 10:56 AM
from 13 (client) to 10 (DMZ). But I also having problems in the other direction.
12-16-2011 11:03 AM
for 13 to 10 add:
static (dmz,client) 192.168.10.0 192.168.10.0
Varun
12-16-2011 11:19 AM
Once again, Thank you!
I will use this community more
12-16-2011 11:20 AM
Hey thats gr8
Varun
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: