We have 2 Pix's. Pix-A was used to allow internal user out to the internet. Pix-B was used for outside users to access our Web and other tools. Since the connection on Pix-A was on faster connection, we started moving our web applications off Pix-B to Pix-A.
We have some public access VLAN that allow the users only to the internet and we pointed them to our Outside DNS server. To access our web applications, the Outside DNS pointed them to outside address on the Pix-B. That way they had to go out Pix-A and then in Pix-B. Every thing was working fine.
When we started moving our web applications to Pix-A, these user could not access the web applications. They are going out Pix-A and then trying to come back in same Pix.
You have to set up "DNS Rewrite", where the PIX will change the A record in the DNS reply from your outside DNS server. The DNS server will respond with the global IP address of the web server, but the PIX will change it on the way through to point to the inside IP address of the server. The inside users will then connect straight to the inside IP address, and won't try and route out and in the outside of the PIX (which won't work).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :