Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
4
Replies

Cannot ping inside interface of PIX515

tung
Level 1
Level 1

‎01-27-2007 02:02 PM - edited ‎03-11-2019 02:25 AM

Hello,

This is a brand new settup. For some reason I cannot access the inside interface not even ping. Here is a basic config. Thanks

PIX Version 6.3(5)

interface ethernet0 auto shutdown

interface ethernet1 100full

interface ethernet2 auto shutdown

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif ethernet2 dmz security4

enable password xxx

passwd xxx

hostname BEETEEPIX515

domain-name beetee.local

fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

names

pager lines 24

icmp permit any echo inside

mtu outside 1500

mtu inside 1500

mtu dmz 1500

no ip address outside

ip address inside 172.22.14.253 255.255.255.0

no ip address dmz

ip audit info action alarm

ip audit attack action alarm

no failover

failover timeout 0:00:00

failover poll 15

no failover ip address outside

no failover ip address inside

no failover ip address dmz

pdm history enable

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout sip-disconnect 0:02:00 sip-invite 0:03:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet timeout 5

ssh timeout 5

console timeout 0

terminal width 80

Cryptochecksum:xxx

: end

Labels:
0 Helpful
4 Replies 4

tung
Level 1
Level 1

‎01-27-2007 02:47 PM

Hello,

I had to force it by type in "failover active" command then it start to repond and able to access the internet but if I reboot the pix it goes back to the same problem. Please help. Thanks

0 Helpful

oabduo983
Level 1
Level 1
In response to tung

‎01-27-2007 09:49 PM

Hi Tung,

Are you sure you have the synchronization going fine between the active and failover? do you allow ping on the failover? Basically, when you reboot it switches to the failover unit but you need to make sure that the IP address on the failover unit is the IP you are pinging.

In your case, when you reboot, ping the the failover IP and it should respond to you!

regards,

0 Helpful

tung
Level 1
Level 1
In response to oabduo983

‎01-28-2007 08:43 PM

Is that mean I have to assign an IP for the failover interface? I would like to disable this failover feature because this is the only PIX we have. We don't have any failover or standby. Thanks

0 Helpful

oabduo983
Level 1
Level 1
In response to tung

‎01-29-2007 07:12 PM

Yes, this is correct. You will have to remove failover configuration. But I don't see any configuration for failover. What license fo you have? could you please send show version of your firewall?

Regards,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card