PIX-501 problem.

jsallander · ‎09-24-2007

I have been charged with getting a pair of PIX-501 units set up and ready to be shipped to an off-site location.

I did the initial setup, and configured the rules. Everything appeared fine, until I actually connected the WAN.

Through the PDM, it shows both the inside and outside interfaces as being up and functioning.

Also, through the PDM, I can use the PING tool, and ping external addresses without any problems. In other words, it does indeed appear that the OUTSIDE interface is working correctly.

On the inside, local networking is fine. I can contact the PIX from the inside machines, SSH, use the PDM, etc, without any problems.

HOWEVER: Inside machines can NOT talk to the outside network. Machines on the OUTSIDE can NOT connect to the PDM, SSH, or any of the forwarded ports.

Obviously, something is misconfigured, but I have no idea what it may be.

Any help would be appreciated. I have not worked with Cisco products before, and I am not an TCP/IP expert. This is going to be a one-time job for me.

Thanks.

acomiskey · ‎09-24-2007

"Machines on the OUTSIDE can NOT connect to the PDM, SSH, or any of the forwarded ports."

Are you sure your default route is correct?

Also, you do not have any forwarded ports....static commands.

static (inside,outside) x.x.x.x 192.168.1.x netmask 255.255.255.255

or

static (inside,outside) tcp interface 80 192.168.1.x 80 netmask 255.255.255.255

or

static (inside,outside) tcp x.x.x.x 80 192.168.1.x 80 netmask 255.255.255.255