Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Proxy Server on DMZ interface...some hints

I have a PIX 515 with three interfaces (inside,outside, and DMZ). We want to install a Proxy Server on the DMZ, so that all inside hosts will access the Proxy first instead of going to the Internet directly. The Proxy will be a Microsoft ISA application. The customer wants to have transparent authentication on the Proxy. That is, the Proxy should know the user name of the inside host, and not require further authentication. Does anybody know if the PIX will allow the NetBIOS name of the inside user pass though from inside to the DMZ, so that to be authenticated on the Proxy?

Any hints on that?



Re: Proxy Server on DMZ interface...some hints

Yes, make a network static from the inside to the DMZ without NAT and then open tcp and udp 135-139 and you should be set. You might need to put in a WINS server if you don’t have one already because NetBios names will not work properly thru the PIX (they’re broadcasts looking for the browse-master. These broadcasts are blocked by the PIX.)

CreatePlease to create content