03-27-2003 04:48 AM - edited 02-21-2020 12:26 PM
Hello,
We have a customer with a PIX 515 we have installed and we have a VPN from our office to them. We can connect to all their hosts behind the PIX via the VPN okay for configuring (telnet) and monitoring (SNMP). We want to monitor the PIX via snmp as well. We cannot access the internal NIC ip address via the VPN. We cannot ping, telnet or use SNMP to it.
THe VPN is working okay as I mentioned above but is there something else I need to do to allow access to the internal NIC IP address?
Solved! Go to Solution.
03-27-2003 06:58 AM
That is normal Pix behavior. You cannot communicate with a Pix's interface unless it is the one receiving the traffic. Therefore, you can only monitor and communicate with the Pix's outside interface/IP from the Internet.
BTW...This has changed in Pix v6.3 that was released yesterday. You can use the [management-access] command to manage your Pix using it's private IP across a VPN tunnel.
03-27-2003 05:09 AM
Hi,
Is the normal pix behaviour !!
03-27-2003 06:31 AM
Hmm, Thanks but if this is normal PIX behaviour, how can I monitor my PIX? As I said, we currently have a VPN to our customer which terminates on the PIX. We are able to monitor the IOS routers via SNMP over the VPN as they are behind the PIX. How can I do the same for the PIX when the VPN terminates on it?
Thanks
David
03-27-2003 06:58 AM
That is normal Pix behavior. You cannot communicate with a Pix's interface unless it is the one receiving the traffic. Therefore, you can only monitor and communicate with the Pix's outside interface/IP from the Internet.
BTW...This has changed in Pix v6.3 that was released yesterday. You can use the [management-access] command to manage your Pix using it's private IP across a VPN tunnel.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide