Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
258
Views
3
Helpful
3
Replies

problem in nat implementation.

vikrantarora
Level 1
Level 1

‎02-28-2003 09:55 AM - edited ‎03-09-2019 02:19 AM

i hav pix up and running. at present i dont have any address translations, but intend to have.just to experiment....

i telnet into the firewall, add the following commands:

global (outside) 1 valid_outside_ip netmask 255.255.255.0

nat (inside) 1 10.0.0.0 255.0.0.0 0 0

Now i take a standalone PC, and

1.make the ip of this PC as 10.10.10.1. subnet mask 255.0.0.0 and default gateway as 192.231.232.190 (pix firewall)

2.plug it into the firewall (192.231.232.190) at one of the free ports on the inside interface.

3. try to ping, the firewall but fail to do so.

just in case u need the follwoing info. this is what i have on the pix

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif ethernet2 dmz:2 security10

nameif ethernet3 statefailover:5 security20

nameif ethernet4 none2 security40

nameif ethernet5 statefailover security25

ip address outside 192.231.232.158 255.255.255.224

ip address inside 192.231.232.190 255.255.255.224

ip address dmz:2 192.231.232.222 255.255.255.224

ip address statefailover:5 1.1.1.1 255.255.255.0

ip address none2 2.2.2.2 255.255.255.0

ip address statefailover 3.3.3.1 255.255.255.0

Why cant i ping the firewall?

Labels:
0 Helpful
3 Replies 3

mostiguy
Level 6
Level 6

‎02-28-2003 10:12 AM

How are you routing to the 10.x.x.x subnet? Where does it live?

0 Helpful

0rsnaric
Level 1
Level 1

‎02-28-2003 10:13 AM

Are you actually plugging the pc into one of the ports on the pix's interfaces? Or do you have the pix plugged into a hub/switch?

If you are plugging it into the pix directly you will need a cross over cable, and you will need to plug the pc directly into the ethernet1 port. Also, the ip address of the PC, and the inside interface should be on the same subnet. You describe a configuration where the pc is on the 10.0.0.0 subnet, but the inside interface is on the 192.231.232.160 subnet.

~rls

vikrantarora
Level 1
Level 1
In response to 0rsnaric

‎02-28-2003 10:31 AM

i am plugging the pc directly into the ethernet port. well i was using a straight cable and a different subnet...i m gonna fix that and wud get bk to u if it still doesn't work...thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents