I have moved a PIX to a cyber center and can't get my ACL's to work.

ddevecka · ‎12-10-2002

I have recently moved my PIX to a cyber center, change the internal ip and subnet and external ip and subnet, change the ACL and static entry to reflect the address change but the ACL still doesn't work can anyone help on this?

I have outside addresses, an internal cyber center address rang plus I have my local (INTERNAL TO COMPANY addresses)

something like

1.1.1.1 255.0.0.0 Cyber center external

172.2.0.0 255.255.0.0 Cyber Center internal

192.111.0.0 255.255.255.0 internal company IP

The server I am trying to allow access to would be on the 192.111.0.0 network. I can ping from the cyber center internal to my internal company address, so I assume routing is correct and I can also surf the internet via the pix.

Can anyone help me on this.

gfullage · ‎12-10-2002

This is hard to help without seeing the config or at the very least the syslog message that you're getting when you try and access. Did you do a "clear xlate" after changing all the static's? Are you sure the ACL reflects the new addresses?

If you cna browse the Internet through this PIX, then your nat/global stuff is working OK. If you can't come in though, then your static/ACL is broken, that's primarily where you need to look.

ddevecka · ‎12-11-2002

I can browse the internet. I have also pulled all my outbound's out, changed to a different IP address and still nothing. Could it have anything to do with the fact my Cyber center address in a class b internal and I am trying to pass to a class c internal?