1. Home
  2. Cisco Systems
  3. Pix515e 3-Ethernet DMZ

Pix515e 3-Ethernet DMZ

I can't see my own servers on their outside address. I can only see them on the DMZ address.

Anybody ?

Reply to
David Henzler
Loading thread data ...

formatting link

Reply to
Artie Lange

Anybody what?

You made a statement that the PIX is working as designed and configured.

Reply to
Rod Dorman

Have you configured inbound rules on your outside interface?

access-list outside_access_in extended permit tcp any host eq 80 assuming it is a web server being presented to the outside interface from DMZ

Have you configured static nat statements?

static (dmz,outside) outside_ip dmz_ip netmask 255.255.255.255

Regards

Reply to
jrguent

My design is not working yet. But then this is my first time using this device, and software. I've spent time reading, and trying to understand the methods of use. Sadly I have no training in this area, but am learning.

Discovered that putting things in the same pool number mean that they are lumped together in the rule. Books didn't say this, although it may have been inferred, I missed the inferrence.

My "working" statement was in response to the guy who said I may not have sufficient RAM. And to this point my Pix had been a brick. Although I had set everything I could think of, I probably had missed setting the gateway address for the dsl modem. Thus... going to DHCP on that port made things come alive. And so sir....

What I said was:

"Turns out that the configuration was correct, and I have sufficient RAM. The problem was that DNS wasn't functioning, and switching from STATIC to DHCP on Ethernet0 did the trick.

The 5.2(4)ASDM software works fine, however the latest book I can find on the WEB is not the same GUI, and it's difficult to follow the proceedures when they differ. The latest version does things for you that previous versions required the user to do for themselves. I'd say the new version is just fine. Let's see a booklet from Cisco that covers it.

Cisco wouldn't talk to me when I called, stating that my product was a "Gray Market" and I informed them that since they no longer sold or supported it that the fact that I wasn't the original owner shouldn't have been such an issue. Cisco repells business relationships with such an attitude. Use of older equipment by private individuals for personal use, or the startup business as in my case are ways for people to become Cisco customers, and learn about the value of having their hardware. Shunning us such a market sends us elesewhere."

Regards

David

Reply to
David Henzler

Thanks... I'll try configuring some outside rules this weekend.

Reply to
David Henzler

I don't see where to add the outside Gateway address for the Ethernet0.

Reply to
David Henzler

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.