I need help configuring a newly reinstated PIX515E with IOS 6.3 to test the configuration of a load balancer.
I would like to setup with two Inside interfaces (or simply two interfaces) for testing. I just need it to pass traffic (basically HTTP and HTTPS) between these two interfaces without using NAT.
The older IOS is causing me some problems.
Another potential issue is that I am trying to connect to an IP on the 192.168.3.x network connected to the same switch using another IP in that network as the Interface IP (3.200). So the HTTP and HTTPS traffic needs to flow from the laptop (192.168.12.100) to the Inside-test interface (12.1) then to the Inside interface (3.200) then to the destination webserver at (3.45) which is connected to the same switch as the Inside (3.200) interface. The other issue I may have is that DNS is not working because I don't have an outside interface configured for Internet access,but trying to connect via IP address does't work either. I may be able to configure a second DNS server for the 192.168.12.X network for testing purposes if needed. I even tried to set the default route to the Interface of the production ASA's inside interface (3.1), but that did not work either.
The office Internet connection is only available directly on the port connected to the ASA (not the PIX) which may be adding some complexity. I am not currently using the outside interface at all.
Would this accomplish the goal of NO NAT between the two interfaces? Would I need to add exemptions for traffic between the two networks or does that defeat the purpose of adding the command in the first place?
I need to make sure that there is not nat between these two interfaces for the purposes of testing the load balancers.
Should I leave the default route in or take it out?
The static NAT to itself is performing a no NAT between the 2 interfaces, it works bidirectionally.
You stated that it doesn't seem to allow communication between the 2 networks - pls check your ACL on the interfaces as it is only allowing very limited access, are you trying to access something that you've configured in your ACL? Please remove the ACL for the time being for testing purposes. The static NAT command should allow communication between the 2 internal interfaces, unless you've made other changes in your config.
To access the internet, you will need to NAT/PAT it to a public IP, whether it is on the PIX itself or on other devices.
You can run "capture" on the PIX interface and you will see that the IP is not being NATedd as the "capture" is the last step just before the packet is sent on the wire.
and btw, show xlate does show you the local and the global address. If both are the same addresses, that means no NAT is performed. Otherwise, if NAT is performed, it will show the real IP for the local address, and the NATed IP for the global address.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...