Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

problem in nat implementation.

i hav pix up and running. at present i dont have any address translations, but intend to have.just to experiment....

i telnet into the firewall, add the following commands:

global (outside) 1 valid_outside_ip netmask 255.255.255.0

nat (inside) 1 10.0.0.0 255.0.0.0 0 0

Now i take a standalone PC, and

1.make the ip of this PC as 10.10.10.1. subnet mask 255.0.0.0 and default gateway as 192.231.232.190 (pix firewall)

2.plug it into the firewall (192.231.232.190) at one of the free ports on the inside interface.

3. try to ping, the firewall but fail to do so.

just in case u need the follwoing info. this is what i have on the pix

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif ethernet2 dmz:2 security10

nameif ethernet3 statefailover:5 security20

nameif ethernet4 none2 security40

nameif ethernet5 statefailover security25

ip address outside 192.231.232.158 255.255.255.224

ip address inside 192.231.232.190 255.255.255.224

ip address dmz:2 192.231.232.222 255.255.255.224

ip address statefailover:5 1.1.1.1 255.255.255.0

ip address none2 2.2.2.2 255.255.255.0

ip address statefailover 3.3.3.1 255.255.255.0

Why cant i ping the firewall?

3 REPLIES
Silver

Re: problem in nat implementation.

How are you routing to the 10.x.x.x subnet? Where does it live?

New Member

Re: problem in nat implementation.

Are you actually plugging the pc into one of the ports on the pix's interfaces? Or do you have the pix plugged into a hub/switch?

If you are plugging it into the pix directly you will need a cross over cable, and you will need to plug the pc directly into the ethernet1 port. Also, the ip address of the PC, and the inside interface should be on the same subnet. You describe a configuration where the pc is on the 10.0.0.0 subnet, but the inside interface is on the 192.231.232.160 subnet.

~rls

New Member

Re: problem in nat implementation.

i am plugging the pc directly into the ethernet port. well i was using a straight cable and a different subnet...i m gonna fix that and wud get bk to u if it still doesn't work...thanks

122
Views
3
Helpful
3
Replies
CreatePlease login to create content