07-13-2007 10:04 AM - edited 03-11-2019 03:44 AM
Hi,
Attached is my Network diagram where i hav placed the web content server, which is acting in bridging mode behind the firewall. i hav added two subnet ip address in that bridge, now the clientz in my LAN can able to speak each other ie. 192.168.1.1 & 172.16.1.1, but only 192.168.1.1 can access internet, the other 172.16.1.1 cannot access internet even thought i hav put the ip address in the alias for passing the other subnet traffics in the bridging mode. any suggestions?
ofcourse each clientz can speak each other by pointing the PIX ip address as a gateway.
07-20-2007 06:00 AM
This sample configuration demonstrates how to configure a Cisco Secure PIX Firewall to separate a corporate network from the Internet.
07-20-2007 06:51 AM
Are the clients using the "web content server" as a forward proxy (transparent or otherwise)? I am confused at what the "web content server" is actually supposed to be.
In any event, you need to think about it from the perspective of the client. I will assume the "web content server" is either not a proxy or is a transparent proxy...so the client has no knowledge of it. The client attempts to connect to www.yahoo.com via the browser. First the client resolves the www.yahoo.com hostname to 69.147.114.210. Then the client attempts to connect that IP on TCP port 80. Since that IP is not local, it will send the packets to its default gateway. FWIW, the exact same thing probably happens when 192.168.1.1 tries to connect to 172.16.1.1. If 192.168.1.1 is not on the same network, and doesn't have a specific route to 172.16.1.1...it will forward the packet to its default gateway.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: