Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

communication between PiX internal interface

hi,

i am using a Pix firewall for hiding my two internal networks( for ex network A and B) connected to seperate interfaces of the PIX firewall.

a) i installed one windows server on

network A , and it's working properly for Network A users.

b) i want to share this windows server for users in Network B. i am not able to achieve this , perhaps i have to open PiX firewall as Network A & B are on two seperate interface.

Please guide me for a sample cisco config Or suggest.

Thanks,mahesh.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: communication between PiX internal interface

Mahesh

You can do this one of 2 ways.

1) If the 2 interfaces are the same security level you can use the following command

"same-security-traffic permit inter-interface"

if you do this traffic an flow freely between the 2 interfaces without any access-lists or NAT.

2) If you would rather control traffic. It all depends on which interface has a higher security level.

Can you post the security levels for the 2 interfaces. You can get these from a "sh run"

Jon

5 REPLIES
Hall of Fame Super Blue

Re: communication between PiX internal interface

Hi Mahesh

What version of Pix are you running ?

What security levels do each of the interfaces have ?

Jon

New Member

Re: communication between PiX internal interface

dear jon,

it's 7.1 and pix configured as basic firewall ( no VPN ) , so the question is how to open one interface for another in a pix firewall.

rgds,mahesh.

Hall of Fame Super Blue

Re: communication between PiX internal interface

Mahesh

You can do this one of 2 ways.

1) If the 2 interfaces are the same security level you can use the following command

"same-security-traffic permit inter-interface"

if you do this traffic an flow freely between the 2 interfaces without any access-lists or NAT.

2) If you would rather control traffic. It all depends on which interface has a higher security level.

Can you post the security levels for the 2 interfaces. You can get these from a "sh run"

Jon

New Member

Re: communication between PiX internal interface

dear Jon,

Appriciate your help.

your question on security level help me to fix the problem and i got a sample config

showing the config from low security zone to

high security zone.

Tks,mahesh

New Member

Re: communication between PiX internal interface

can post sample Config here, more or less iam in the same situation .

Tks

karthik

216
Views
0
Helpful
5
Replies