Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
503
Views
0
Helpful
3
Replies

PIX box problem

amper26
Level 1
Level 1

‎01-03-2003 11:14 PM - edited ‎02-20-2020 10:28 PM

The question concerns a connection problem, the setup in short : we have a good signal (leased T1) comming through into a PIX box, which is not allowing the signal to go any further, it is also preventing certain packets from leaving the network. For example we can see the other domains (WAN) in the network but we cannot get outside the network from any of the domains. Can you bypass the pix box without disrupting any of the routing tables. I have noticed that on the incomming cat5e line to the pix box the connection lite for 100mbps is not lit , however the solid light is lite (indicating solid connection). On the outgoing signal the 100mbps light is lit as well as the solid connection light. We also tried to go into the pix box and am having trouble with resetting the password, basically that is the begginning of the problem. Any comments or suggestions would be appreciated.

0 Helpful
3 Replies 3

tvanginneken
Level 4
Level 4

‎01-05-2003 07:22 AM

Hi,

sorry, but I don't really unstand you question:

"Can you bypass the pix box without disrupting any of the routing tables"

Sorry, but you you be a little bit more specific? Thanks!

What model of the pix are you using? The pix 501 only has a 10Mbit interface on the outside.

Kind Regards,

Tom

0 Helpful

turnbull
Level 1
Level 1

‎01-05-2003 09:03 PM

I must agree with Tom. The question is difficult to understand but perhaps the following will help.

The pix will block everything inbound by default. A static translation and permission (access list or conduit) is required for inbound traffic.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#topic7

Bypassing the PIX would negate the very reason for having it.

regards

0 Helpful

gfullage
Cisco Employee
Cisco Employee

‎01-06-2003 06:33 PM

PIX password recovery procedure is detailed here:

http://www.cisco.com/warp/public/110/34.shtml

That should get you started. After that, it sounds like you can't get out thru the PIX. To do this, you need a NAT/global statement in the PIX. I would suggest you either post your configuration (replace external IP addresses and passwords please) so we can see what's going on, or read through this:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/index.htm

especially the "Establishing Connectivity" section.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card