We got a couple PIX all running 6.3(1). For some strange reason on one of them I can not create a static translation for a server (http). As soon as I enter the static-command the server is unable to get onto the internet and is also invisible to the internet. In other words the static doesn't create what it should - it just breaks the servers connection to the internet.
I got the same commands running on a different box and they work there (www, smtp, and so on).
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 interface
access-list ACL_OUT permit tcp any host 184.108.40.206 eq www
Sounds like your ISP hasn't allocated or routed 220.127.116.11 to you correctly. When you add this static in, any outbound traffic from this web server is going to be changed to 18.104.22.168. when that traffic returns, if your ISP is not routing that IP address to you properly then the packets aren't going to get to you. Check with them and make sure they've got everything set up correctly for that IP address.
I can telnet to 22.214.171.124 on port 80 from here and I get connected, so if this is currently behind the PIX then the IP connectivity sems to be working OK. However, web browsing from here doesn't show up anything.
We really need to see the syslogs on the PIX to see what's going on. Do the following:
> logging on
> logging buffer debug
then try a connection from the outside to this web server, and also try an outbound connection from this web server, then send us the log file.
Also, keep in mind that if you've had a PC on the outside at 126.96.36.199 and then you move this behind the PIX, you will need to clear the ARP table on your outside router, since the ARP entry won't time out for 3 hours (on a Cisco router anyway).
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...