Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ping (PIX) nside server by name ?

Hi

I have a pix firewall.

inside Ip address 10.10.10.12

dmz ip address 192.168.25.1

1.

In inside have file server

ip address: 10.10.10.101

name:fserver

DNS server:10.10.10.83

----------------------

In DMZ has user and pc address 192.168.25.30

now I want dmz user ping inside file sever by name.

for this I configure in firewall.

static(inside,dmz) 192.168.25.83 10.10.0.83 (for dns)

static(inside,dmz) 192.168.25.101 10.10.0.101 (for fserver)

name 10.10.10.101 fserver

and also allow icmp ,tcp and udp

-----------------------------------

in dmz zone user use DNS IP:192.168.25.83

Result::::

now i can access the file server and ping from dmz user pc

ping 192.168.25.101 and access \\192.168.25.101

and also i can ping fserver successfully from inside any pc.

but when i want ping fserver from dmz pc

then get reply request time out from ferver and it shows its ip address 10.10.10.101

for information i can telnet dns server from dmz

now my requirement is how DMZ user can access file server name with also IP

address.

pls solve this problem with onfiguration

Thanks

biplob

2 REPLIES
Gold

Re: ping (PIX) nside server by name ?

the dns server response has the server original ip, and that's why the ferver = 10.10.10.101.

i suggest you to disable nat between the inside and the dmz.

e.g.

static (inside,dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0

static (dmz,inside) 192.168.25.0 192.168.25.0 netmask 255.255.255.0

New Member

Re: ping (PIX) nside server by name ?

Hi

pls briefly explian to me.

i disable nat and give the command

static (inside,dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0

static (dmz,inside) 192.168.25.0 192.168.25.0 netmask 255.255.255.0

i need solve this problem

thanks

Biplob

118
Views
0
Helpful
2
Replies
CreatePlease to create content