I have a LAN segment (10.10.1.0) that connects to the Internet through a PIX 501 firewall (PIX1), fairly typical settings using a Pooled NAT address (67.135.65.90). In a separate stack, I have a bunch of web servers (192.168.1.0) that connect to the Internet through another PIX
501 firewall (PIX2) using static NAT for each device (67.135.65.66 - 80).I want to be able to access fileshares and other services running on the web server stack from my LAN, so I ALLOWed all incoming traffic on PIX2 from address 67.153.65.90 for TCP and UDP on all ports.
Most of the time, I can see the web server fileshares via their UNC paths. When I do this, I am prompted for credentials on the web server machine (so this is not using Windows Integrated Authentication in any way). Occasionally, I get "network path not found", but only rarely. I can generally interact with most file types (open, save, rename, delete, etc). But I have two recurring problems:
- When copying large numbers of files or large files to/from the fileshares, 50% of the time (approx), I get a message partway through the process that the "Network name is no longer available". If I keep trying, the procedure will eventually work.
- 99% of the time, I can not open an ArcGIS project file (.mxd) from the file share. ArcGIS complains with a variety of different error messages, but almost always fails. I do not think this is an ArcGIS bug, but rather something related to the issues in 1 above.
Has anyone succesfully set up file sharing over the web where your origin is a NATted LAN and your destination is another NATted LAN? The connection path is direct (the two PIXes plug into a switch that then plugs into the WAN router), so I don't think it's a routing or a latency issue. My other thought is that it might be related to the fact that the external addresses of each PIX (a single pooled address on PIX1 and multiple static NAT addresses on PIX2) are in the same subnet.
Thanks for any help,
John