I have a PIX 515 F/W with one interface connected to the Internet and other to the inside network(172.16.0.0).Things are working fine.
Now I want to put a Database server which would be on a different network (10.1.10.0) and would be protected by a checkpoint firewall.
I have configured the checkpoint firewall on NT 4 with 2 interface one connected to our internal network(172.16.0.0) and one to network with the database server(10.1.10.0).I have setup the policy on the checkpoint firewall .The 172.16.0.0 segment users are able to acces the dbase server in 10.1.10.0 segment.
I want people from the internet to cnnectto the DB server .Can anyone explain what needs to be done the PIX 515 and the checkpoint to get this going.
I had to add "inside 172.16.10.0 255.255.255.0 172.16.10.10 1 OTHER static " to get the routing to work properly, though I fail to understand why this line is required.
Below is the interface details of PIX and checkpoint FW.
Also The users in the 172.16.0.0 segment are not able to speak to 10.1.1.0 255.255.255.0 segment until I put a static route to 10.1.1.0 segment in each PC ,this despite the fact that the PIX has a static entry to 10.1.1.0 segment and the default g/w of all the nodes in 172.16.0.0 segment is pix inside interace ie 172.16.0.1.Please this exlain this as well.
pix inside=172.16.0.0 255.255.0.0
PIx outisde=213.x.x.x x.x.x.x
checkpoint outside=172.16.10.10 255.255.0.0
checkpoint inside=10.1.1.1 255.255.255.0
Hope I have explained my problem properly which would be understood by someone I guess.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :