Solaris and Firewall question

- R
- Rob
  
  Contact options for registered users
posted
19 years ago

Mon, Mar 14, 2005 1:59 PM

Hi,

Recently I replaced my old firewall with a Cisco PIX one, and translated all commands, now everything seems to be fine except I cannot get out from my Sun 5.8 (no ping and traceroute outside), also I cannot open a page (port

80)on this box from outside, this is the only Unix based machine I have, and all other servers and workstations are Windows and they seem to be fine. I deleted the mac address for the old firewall using arp -d but didn't work. Does anyone know how to fix this problem?

Thanks in advance for any help.

Loading thread data ...

- W
- William L. Sun
  
  Contact options for registered users
Vote on answer
posted
19 years ago

Tue, Mar 15, 2005 4:59 AM

On PIX, outbound ICMP is enabled by default unless you have disabled it. For inbound traceroute, you can use

access-group incoming in interface outside access-list incoming permit icmp any host 1.1.1.1 unreachable access-list incoming permit icmp any host 1.1.1.1 time-exceeded

1.1.1.1 is your UNIX host ip. Do you use PAT or NAT in your outbound connection?

William

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.