Hello, this is my first time working with a PIX, so I'm a little confused and frustrated with the setup of the PIX!
I'm trying to get traffic coming from the inside to be able to flow to the outside, but am unable to. I have an IP address on both the inside and the outside interfaces and can ping routers on both sides (the Internet gateway router and our internal router) but am not able to allow clients to access any external resources. I have the internal network setup on the inside interface (sec100) and the gateway router on the outside interface (sec0).
I don't want to use NAT (I'm already using PAT on our gateway router and have no need to translate the addresses at the firewall). I used the "static (inside,outside) x.x.x.x x.x.x.x netmask z.z.z.z" command where x.x.x.x is our internal address space and z.z.z.z is the internal network's subnet mask. To test the firewall (without taking out our existing firewall and shutting down our live network), I set my notebook up to be on the same subnet as the internal (inside) interface and set the default gateway on my notebook to the firewall. The firewall can ping my notebook and stuff on the internet (it's connected fine). When I try to ping from my notebook to an IP address on the internet (that I know I get a response from), I just get timeouts. It's like it's blocking the traffic and won't let it go through. I don't receive any "deny" messages on my syslog server when I try the ping. I do get "Oct 16 2002 13:32:12: %PIX-6-305002: Translation built for gaddr y.y.y.y (my notebook IP) to laddr y.y.y.y".
Any help that you could recommend would be most helpful and appreciated!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...