Hello. I am trying to get the outside interface (E0) on a 515 pix to communicate to a router. I got the following ip addresses:
Netmask of 25 bits.
I got a laptop connected to this network (via a switch), i put it's default gateway to be the router interface and set up its DNS. The laptop is able to connect to the internet. Now, i disconnected the laptop and put the same ip i used on the pix interface, in the same ip network and everything, but i can't ping the router's ip address.
Is the link speed and duplex configured correctly between the pix and router?
Does a sh int eth0 show the link as being down on the pix?
Until you assign link speed, duplex, and an IP Address (even if it's just auto/auto) to the interfaces on the pix they will remain in an administratively down state.
I've also run into a situation where a freshly configured pix 501 (OS 6.3(4)) was working perfectly before deployment but failed to work at deployment time even though no configuration changes were made in the interim. I couldn't ping the DG from the pix.
I ended up erasing the configuration, clearing the ssh keys, and reconfiguring it before it would work in the new location.
Hi man, thanks for the reply. I found the problem!!! This pix was on a failover group, and by some strange reason, when disconnecting the failover link, it didn't become master. So i just went ahead and disabled failover and the pix started pinging fine.
Thanks for the help man. In fact, that's gonna help me out later when setting up the other interfaces on the pix.
Im new to pix firewall, I have a new pix515E. plz help me how to configure the pix so that I can ping from inside to outside interface and vice versa. also I can configure to telnet from my PC to pix via inside interface, but cannot to outside interface. plz help me.
If you are pinging from Pix it should work, try tying the ip address agian, shut and no shut the interface , clear arp cache on router and pix, this might do some magic, otherwise it difficult to understand why it not wiorking.
if you pinging behind the pix from a laptop, then there could me several issues.
Even tough High to Low works with access-list but ICMP is exception, so make sure you are allowing ICMP to come back. Also check you Global and Nat or Static.
yes, I can ping to inside interface (if i connect cross cable directly to this interface, or i can also ping to the outside interface (if i connect cross cable from my pc directly to this interface), but cannot ping to inside interface (if my PC is connecting from ouside interface and vice versa)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :