Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static between interfaces PIX

Good day. It is necessary to make translation of the address between 2 interfaces:

dmz2 security-level 10

dmz1 security-level 40

In dmz2 62.33.x.77 address It is necessary that in a network dmz1 it was accessible to the address of 62.165.y.77 the Command:

static (dmz2, dmz1) 62.165.y.77 62.33.x.77 netmask 255.255.255.255

will solve a task in view?

4 REPLIES
Bronze

Re: Static between interfaces PIX

Hello!

Where is your server located dmz1 or dmz2?

The command you mentioned here means the server is located in dmz2 and it has IP 62.33.x.77 and you want to access it from dmz1 using its translated ip, that is 62.165.y.77

is this what you wanted?

Plz rate if this is helpful!

New Member

Re: Static between interfaces PIX

My server is in dmz2 and has 62.33.x.77 address. I want, that to it had access from dmz1 to the address of 62.165.y.77, and it could have access in dmz1 with 62.165.y.77 address.

Bronze

Re: Static between interfaces PIX

Yes, this should work fine if you do not have any access-lists applied to the dmz1, but if you have any ACL's make sure the permission is allowed to the 62.165.y.77 ip...

regards,

New Member

Re: Static between interfaces PIX

When i`m ping from host in dmz2 62.33.x.77 host in dmz1 192.168.230.10, I do not receive the answer

in log i'm see

Aug 9 14:23:11 pix-firewall Aug 09 2007 14:23:11: %PIX-3-305005: No translation group found for icmp src dmz2:62.33.x.77 dst dmz1:192.168.230.10 (type 8, code 0)

Why? Sorry for my bad english.

112
Views
0
Helpful
4
Replies
CreatePlease login to create content