Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Replacing a pix 520 with a 525

Our school has purchased a 525 with version 6.1(4) code on it and it will replace a pix 520 with version 5.0(1).

When I installed the exact same config on the new pix, email and our proxy server were not working. Both are natted. All other non natted internal addresses work fine accessing the internet (not using our internal proxy).

What changes are made from the 2 versions of code that could cause this?

2 REPLIES
Community Member

Re: Replacing a pix 520 with a 525

Did you make sure that you are using the same interface slots on the new Pix 525

Community Member

Re: Replacing a pix 520 with a 525

Changed the ip addresses but this it the config

Building configuration...

: Saved

:

PIX Version 5.0(1)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

fixup protocol ftp 21

fixup protocol http 80

fixup protocol smtp 25

fixup protocol h323 1720

fixup protocol rsh 514

fixup protocol sqlnet 1521

names

pager lines 24

no logging timestamp

no logging standby

no logging console

no logging monitor

no logging buffered

logging trap errors

logging facility 20

logging queue 512

logging host inside X.X.X.X

interface ethernet0 100basetx

interface ethernet1 100basetx

mtu outside 1500

mtu inside 1500

ip address outside 168.1.1.3 255.255.255.0

ip address inside 172.16.28.4 255.255.254.0

no failover

failover timeout 0:00:00

failover ip address outside 0.0.0.0

failover ip address inside 0.0.0.0

arp timeout 14400

global (outside) 1 168.169.1.10

nat (inside) 1 172.16.28.9 255.255.255.255 0 0 (proxy server)

nat (inside) 0 172.16.0.0 255.255.0.0 0 0

static (inside,outside) 168.169.1.29 172.16.28.21 netmask 255.255.255.255 0 0 (email)

access-list 111 permit tcp any host 168.169.1.29

access-group 111 in interface outside

no rip outside passive

no rip outside default

no rip inside passive

no rip inside default

route outside 0.0.0.0 0.0.0.0 168.169.1.1 1

route inside 172.16.0.0 255.255.0.0 172.16.28.1 1

timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00

timeout rpc 0:10:00 h323 0:05:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

telnet timeout 5

terminal width 80

Cryptochecksum:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

: end

[OK]

nfhs-firewall#

281
Views
0
Helpful
2
Replies
CreatePlease to create content