Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX box problem

The question concerns a connection problem, the setup in short : we have a good signal (leased T1) comming through into a PIX box, which is not allowing the signal to go any further, it is also preventing certain packets from leaving the network. For example we can see the other domains (WAN) in the network but we cannot get outside the network from any of the domains. Can you bypass the pix box without disrupting any of the routing tables. I have noticed that on the incomming cat5e line to the pix box the connection lite for 100mbps is not lit , however the solid light is lite (indicating solid connection). On the outgoing signal the 100mbps light is lit as well as the solid connection light. We also tried to go into the pix box and am having trouble with resetting the password, basically that is the begginning of the problem. Any comments or suggestions would be appreciated.

3 REPLIES

Re: PIX box problem

Hi,

sorry, but I don't really unstand you question:

"Can you bypass the pix box without disrupting any of the routing tables"

Sorry, but you you be a little bit more specific? Thanks!

What model of the pix are you using? The pix 501 only has a 10Mbit interface on the outside.

Kind Regards,

Tom

New Member

Re: PIX box problem

I must agree with Tom. The question is difficult to understand but perhaps the following will help.

The pix will block everything inbound by default. A static translation and permission (access list or conduit) is required for inbound traffic.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#topic7

Bypassing the PIX would negate the very reason for having it.

regards

Cisco Employee

Re: PIX box problem

PIX password recovery procedure is detailed here:

http://www.cisco.com/warp/public/110/34.shtml

That should get you started. After that, it sounds like you can't get out thru the PIX. To do this, you need a NAT/global statement in the PIX. I would suggest you either post your configuration (replace external IP addresses and passwords please) so we can see what's going on, or read through this:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/index.htm

especially the "Establishing Connectivity" section.

98
Views
0
Helpful
3
Replies