Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX access across WAN

Using a PIX 515 I've allowed external access on port 1677 to 2 NAT'd servers. One server sits on the same LAN as the PIX, the other sits on another site over an MPLS core.

I can attach externally to the server on the same LAN, but cannot attach to the other. The ACL is fine and permits the traffic but it never gets to the other site. The NATting is all fine with a sh xlate. Not sure where to look next ?

4 REPLIES
Gold

Re: PIX access across WAN

Have you got a route added on the pix for your other network (MPLS) i.e.

route inside x.y.z.x mask

Jay

New Member

Re: PIX access across WAN

Jay,

Yes I have this route on the PIX already.

Andy

New Member

Re: PIX access across WAN

Hello. Remember that when you use the command "ip address outside pppoe setroute" or similar, you can't add some routes.

I hope this will help you.

New Member

Re: PIX access across WAN

Is the remote server behind a firewall or a router that doesnt allow inbound connections , check that since that could be also an issue.

also check whether that remote server is able to reached from the local lan itself on the specified port to see the service as i had the same issue some time back.

Since you said the xlate works that means your end is ok since the xlate will form only when you have a proper ACL, route etc and if still not working means some thing which you need to check at the remote end only.

Probably you can check the remote server logs or if there is firewall or router check that logs as well why you are not able to reach from here.

hope this helps

85
Views
0
Helpful
4
Replies
CreatePlease login to create content