1. Home
  2. Cisco Systems
  3. Cisco Pix 501 Newbie Problem

Cisco Pix 501 Newbie Problem

Hello,

I'm having a heck of a time accessing the start.html page after having successfully changed the default IP address of my Cisco PIX 501 to

10.0.0.1 255.255.0.0. Http server is enabled and set to 10.0.0.0 255.255.0.0. Dhcpd and dhcpd address range are changed to reflect the new IP change as well. This was accomplished through the CLI via the serial terminal.

I can connect the DSL, server and 35 clients and all can acces the internet and receive mail

I just can't get back to the unit through a WEB interface after the change. With the default settings, I would enter https://192.168.1.1/start.html and I would connect. Now with an IP address of 10.0.0.1 I can't access by way of https://10.0.0.1/start.html . I'm attempting to access via a laptop plugged in to one of the Cisco's ports. I can access by way of serial terminal on this laptop.

What step or missing config command am I not seeing here? I would like to get a better understanding of the gui interface as well as the CLI and I want to check out the VPN configuration through the WEB interface.

Any suggestions, further info needed, other newsgroup suggestions?

Thank You In Advance,

Buck

_______________________________________________________________________________ Posted Via Uncensored-News.Com - Accounts Starting At $6.95 -

formatting link
The Worlds Uncensored News Source

Reply to
Buck Rogers
Loading thread data ...

In article , Buck Rogers wrote: :I'm having a heck of a time accessing the start.html page after having :successfully changed the default IP address of my Cisco PIX 501 to :10.0.0.1 255.255.0.0.

Your http, pdm, and ssh commands are probably still set to the old IP range.

:What step or missing config command am I not seeing here? I would :like to get a better understanding of the gui interface as well as the :CLI and I want to check out the VPN configuration through the WEB :interface.

Go in through the serial port, give the login password, then 'enable' and give the enable password, then give the command

configure terminal

At the configure prompt, give the command

http 10.0.0.0 255.255.255.0 inside

After that you should be able to access via the GUI.

Once in the GUI, go to the Configuration item along the top, and select the System Properties tab. In the Administration section, you want to configure PDM/HTTPS and Telnet and Secure Shell

Reply to
Walter Roberson

In looking at the pdm location command, does equal the PIX hostname? Is this identifying the location of the PDM program?

As mentioned in my OP, http server is enabled with http 10.0.0.0

255.255.0.0 inside. Should this subnet be 255.255.255.0 as you mentioned above?

Thanks for the help, Walter!

Regards,

Buck

_______________________________________________________________________________ Posted Via Uncensored-News.Com - Accounts Starting At $6.95 -

formatting link
The Worlds Uncensored News Source

Reply to
Buck Rogers

Tip of the hat to Walter Roberson for his suggestions. Unfortunately, I still am unable to acces the GUI.

My config file follows:

: Saved : PIX Version 6.3(4) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted hostname pixfirewall domain-name xxxxxxxx.xxx fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol tftp 69 names pager lines 24 mtu outside 1500 mtu inside 1500 ip address outside xxx.xxx.56.29 255.255.255.252 ip address inside 10.0.0.1 255.255.0.0 ip audit info action alarm ip audit attack action alarm pdm location 10.0.0.0 255.255.0.0 inside pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 route outside 0.0.0.0 0.0.0.0 xxx.xxx.56.30 1 timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225

1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server LOCAL protocol local http server enable http 10.0.0.0 255.255.0.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd address 10.0.0.2-10.0.0.129 inside dhcpd dns xxx.xxx.98.98 xxx.xxx.42.42 dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd auto_config outside dhcpd enable inside terminal width 80 Cryptochecksum:871652e553896e43834a961f76223a7e : end [OK]

When I was able to access the GUI at the defaulf IP address, it was a laptop connected to the pix through an ethernet cable from laptop to port 2 of the firewall. I've tried cross-over cables and all the other ports, but no luck. I know I'm overlooking something obvious, but I can't see it.

Regards,

Buck

_______________________________________________________________________________ Posted Via Uncensored-News.Com - Accounts Starting At $6.95 -

formatting link
The Worlds Uncensored News Source

Reply to
Buck Rogers

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.