Can't ping from Lan to DMZ on Pix

sivaalthi85 · ‎05-01-2012

Hi Friends,

Please help

I have one server in DMZ which is 10.129.50.4 and from internal Lan 10.128.1.0 I can ping to that server.

Now we got two more servers in DMZ which is 10.129.50.5 and 10.129.50.6 which is connected to the same switch as the first server connected to.

From lan I can ping to the existing server 10.129.50.4 and I can also ping in between the servers vice versa but not from lan to the two newly installed servers.

When i ping from lan i can see the traffic coming to the firewall.

Lan: 10.128.1.0

Server1: 10.129.50.4

New Servers : 10.129.50.5 and 10.129.50.6

Configuration on the PIX firewall;

access-list Lan_in line 11 extended permit ip 10.128.1.0 255.255.255.0 10.129.50.0 255.255.255.0 (hitcnt=173524)

Dan-Ciprian Cicioiu · ‎05-01-2012

Hi ,

Can you ping the new servers from the old dmz servers ?

Did you checked the default gateways of the newly installed servers ?

Did you checked also the netmask of the newly installed servers ?

Dan

sivaalthi85 · ‎05-01-2012

Hi Dan,

Thanks for your response.

I can ping New servers from old servers. they all are connected to same switch port 1 , 2 and 3.

Dan-Ciprian Cicioiu · ‎05-01-2012

Ok ,then you should :

- check the default gateways of the newly installed servers

- check the netmask config of the newly installed servers

Dan