Cisco Support Community
Community Member

PIX 515 Ver 6.3(3) Blocking Internal traffic

The firewall had blocked access to the internal IP address which was mapped to a public IP address. This occurred after I tried connecting the server directly to the public IP address, bypassing the PIX.

static (inside,outside) 70.45.5.8 192.168.0.145 255.255.255.255.0 0

I was not able to connect to the internal 145 from an outside address. In order to test the application I tried placing this system directly on the public IP 70.45.5.8 and it worked. Now when I place the system back behind the firewall, changing the IP back to 192.168.0.145, it works on the internal network but the firewall does not allow traffic through and I cannot even access the internet. It has occurred with three internal IPs and I have to change the IP to make the system work. I understand somewhere these IPs are recorded in an ACL denying access. Can someone tell me how to fix this problem so that I can use these IPs again on the network?

2 REPLIES

Re: PIX 515 Ver 6.3(3) Blocking Internal traffic

hi

Did you try clear xlate before getting the server behind the local LAN network? If you haven't, can you give it a try and check?

regds

Community Member

Re: PIX 515 Ver 6.3(3) Blocking Internal traffic

Modify your netmask to make it host-based as opposed to network, and you need to create separate statics for each host.

The following command maps an inside IP address (10.1.1.3) to an outside IP address (209.165.201.12):

hostname(config)# static (inside,outside) 209.165.201.12 10.1.1.3 netmask 255.255.255.255
