Cisco Support Community
New Member

Hosts with a "reused" internal IP address have no connectivity past PIX515

I have a brand new PIX515UR [6.1(2)] that is exhibiting some odd behavior.

Here is what happens:

1. I have a server that is moving from the inside network to the DMZ1 network. The external IP address stays the same, but the internal IP address changes.

2. I change the server's internal TCP/IP address, update my internal DNS, and move the patch cable from the inside network to the DMZ1 network (I'm only changing the 3rd octet).

3. I copy the existing static mapping and conduits into notepad, and make the TCP/IP address changes there so I can cut and paste them back in on the PIX's command line.

4. I remove the existing address mappings and conduits.

5. I do a write mem to save the changes, then do a sh config to verify that they are saved.

6. I put in the new address mappings and conduits, and repeat step #5.

7. I verify that I have connectivity to the outside world on the server that I just moved into the DMZ1 network.

8. I put another server into production that will be on the inside network, and reuse the static internal TCP/IP address of the server that was just moved into the DMZ.

9. I can see my entire internal network from the new server, but have no connectivity to the outside world.

10. I can ping the firewall from the new server, and vice versa - but no further.

11. I change the new server's IP address to a different address (one that is on the same network, but has never been entered as a mapping on the firewall), and now have connectivity to the outside world.

12. I change the new server's IP address back to the "reused" address and lose connectivity.

13. I reboot the PIX, and now the new server with the "reused" address has connectivity to the outside world.

2 REPLIES
New Member

Re: Hosts with a "reused" internal IP address have no connectivi

Hi, always make sure when you remove static mappings, conduits or access lists to clear the xlate on the PIX. It sounds like that was the problem. Anyone else??

Hope that helps...

New Member

Re: Hosts with a "reused" internal IP address have no connectivi

Thanks for your help. I cleared the xlate and that fixed it.
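
An added example, not part of any post in this thread: a Python check that compares the static commands in a saved PIX configuration with the translation table and reports entries the configuration no longer backs, which is the condition the thread resolves with clear xlate. The addresses, the sample text and the function names are constructed, and the "Global ... Local ... static" line layout assumed for show xlate output should be checked against the output of the software version in use.

```python
import re

# Constructed sample data (documentation addresses, not taken from the thread).
# The server's static now points at its DMZ1 address, but the translation
# table still holds the old inside address for the same global IP.
CONFIG = """\
static (dmz1,outside) 192.0.2.10 10.1.2.10 netmask 255.255.255.255 0 0
static (inside,outside) 192.0.2.20 10.1.1.20 netmask 255.255.255.255 0 0
"""
XLATE = """\
3 in use, 5 most used
Global 192.0.2.10 Local 10.1.1.10 static
Global 192.0.2.20 Local 10.1.1.20 static
PAT Global 192.0.2.1(1024) Local 10.1.1.33(1028)
"""

# static (local_if,global_if) global_ip local_ip ...
STATIC_RE = re.compile(r"^static \((\w+),(\w+)\) (\S+) (\S+)", re.M)
# Assumed layout of one-to-one entries; PAT lines are deliberately skipped.
XLATE_RE = re.compile(r"^Global (\S+) Local (\S+)(?: (static))?", re.M)


def configured_statics(config):
    """Return {global_ip: local_ip} for every static command in the config."""
    return {m.group(3): m.group(4) for m in STATIC_RE.finditer(config)}


def stale_xlates(config, xlate):
    """Return (global, local, reason) for entries the config no longer backs."""
    statics = configured_statics(config)
    stale = []
    for m in XLATE_RE.finditer(xlate):
        glob, local, is_static = m.groups()
        want = statics.get(glob)
        if want is not None and want != local:
            # The global address was re-pointed, but the old slot survived.
            stale.append((glob, local, f"config now maps {glob} to {want}"))
        elif want is None and is_static:
            # The static command was removed, but its slot is still present.
            stale.append((glob, local, "no static command for this pair"))
    return stale


if __name__ == "__main__":
    for glob, local, reason in stale_xlates(CONFIG, XLATE):
        print(f"stale: Global {glob} Local {local} ({reason}); run clear xlate")
```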
