03-13-2006 02:50 AM - edited 03-03-2019 12:01 PM
I have a webserver on our DMZ and created a translation exemption rule from my PC (inside) to this DMZ server. I have done nothing else and I can use a web browser to get to it. I have created no rules for http or anything - should this happen??
03-13-2006 02:53 AM
That is fine - you are going from a trusted interface (inside) to a less trusted interface (dmz) so that is okay. The PIX imposes stricter controls on packets from less trusted interfaces to more trusted interfaces.
So what you are seeing is as per design.
Hope that helps - pls rate the post if it does.
Paresh
03-13-2006 03:36 AM
Thanks, what I don't understand is that I can get onto the Http website but not the Shares or anything else. It's actually only the web site I need, but may need the shares too later.
03-13-2006 03:40 AM
If you can't get into the shares, I suspect that it's not the firewall that is the problem. If you have not configured any form of access control, then you should be able to access everything through the PIX.
Paresh
03-13-2006 05:24 AM
so as long as i have the Translation exempt rule in from my PC to the DMZ webserve then everything should be acceccible? no extra rules are needed?
03-13-2006 04:12 PM
That is correct.
Pls remember to rate posts that help.
Paresh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: