Solved: PIX connectivity issue

jackdangas · ‎10-20-2005

hi,

I try to configure pix firewall, without ipsec first, and i'm unable to ping from a-side to b-side:

172.20.101.x/32 <-> ping nok <-> 172.20.100.x/32.

172.20.101.x <-> ping nok <-> 10.144.32.X/21.

172.20.100.X <-> ping nok <-> 10.144.32.0/21.

Does someone have an idea ?

Jack

jackko · ‎11-03-2005

just wondering how you go.

jackko · ‎10-20-2005

with pix 6.x, nat/global or static are essential.

on both pix, add the commands below:

global (outside) 1 interface

nat (inside) 1 0 0

with the nat/global statements above, pix will pat the interface ip to pix outside interface ip.

assuming you are setting this up for test, you may want to disable nat/pat. if so, instead of adding the commands above, apply the followings:

nat (inside) 0 0 0

jackko · ‎11-03-2005

just wondering how you go.

jackdangas · ‎11-03-2005

Hi,

Thank you for your advice; i had to put on both routers:

Static (inside,outside)

Nat (inside)

icmp permit any inside/outisde

It's ok now,

Thanks

Jack