pix-central# access-list dmz_acl permit icmp any any
pix-central# access-group dmz_acl in interface dmz
All I can successfully achieve is this wretched error log message:
%PIX-3-305005: No translation group found for icmp src dmz: 10.254.48.1 dst inside: 10.180.8.1
when I send an echo request from dmz to inside.
There is no difference in the relative relationship between the interfaces in the two examples. outside -> dmz is the same as dmz -> inside, i.e. the data flow is from a low security interface to a high security interface.
Anybody out there have any ideas what I'm doing wrong?
Re: PIX-3-305005: No translation group found .....
Thanks for the information and documentation. Your second static is wrong however. You always want to translate the address from the higher security interface onto the lower security interface (much like you did with your first static example - dmz to outside). In this case, you would want to remove the following static:
static (inside,dmz) 10.254.48.1 10.254.48.1
and replace it with:
static (inside,dmz) 10.180.8.1 10.180.8.1
This statement is translating the 10.180.8.1 address (an inside address) onto the DMZ interface. Now, you should be able to send traffic from the 10.254.48.1 host to the 10.180.8.1.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...