[c-nsp] Pix 515 Question :

Jean-Philippe Le Henaff togusa at free.fr
Tue Sep 28 05:00:42 EDT 2004 

In fact, I removed the whole configuration, so now, I don't have anything to
show. I just wanted to know if someone can send me a "sample" configuration.

my show ver :
Cisco PIX Firewall Version 6.3(3)
...
Hardware:   PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0050.54ff.0e10, irq 10
1: ethernet1: address is 0050.54ff.0e11, irq 7
2: ethernet2: address is 00e0.b601.0042, irq 9
3: ethernet3: address is 00e0.b601.0041, irq 9
4: ethernet4: address is 00e0.b601.0040, irq 9
5: ethernet5: address is 00e0.b601.003f, irq 9

Thanks for your help

JP

Selon Bryan <bryan at tec-works.com>:

> Can you send a copy of "show ver" and a "show config"
>
>
>
>
> thanks,
>
> Bryan
>
> --
> +---------------------------------------------------+
> | Bryan Welch                  Direct:(425)844-8500 |
> | Tec-Works LLC                Cell:  (206)920-5718 |
> |  Total Network Solutions     Fax:   (425)844-8637 |
> |                              bryan at tec-works.com  |
> |                                                   |
> |            <<--WWW.TEC-WORKS.COM-->>              |
> +---------------------------------------------------+
>
>
>
> On Mon, 27 Sep 2004, Jean-Philippe Le Henaff wrote:
>
> > Date: Mon, 27 Sep 2004 15:49:42 +0200
> > From: Jean-Philippe Le Henaff <togusa at free.fr>
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] Pix 515 Question :
> >
> > Hello there,
> >
> > I have a Cisco Pix 515, I want to do a VPN on the DMZ interface and I want
> those
> > VPN users to be able to see my inside interface, and the outside interface
> >
> > It looks like this :
> >
> >
> > Internet------(outside 1.1.1.128/25)[PIX](inside 10.0.0.0/8)-----LAN
> >                                       |
> >                                       |
> >                                 (DMZ 1.1.1.0/25)
> >                                       |
> >
> > In fact, I need that VPN users connects on the DMZ interface (1.1.1.122),
> to be
> > able to see computers on the inside interface and also be able to surf on
> the
> > web with the connection.
> >
> > For the moment, I tried to configure and it doesn't work as I want.
> > I have that kind of errors :Sep 27 11:31:28 10.185.1.202 :Sep 27 11:27:13
> CEDT:
> > %PIX-3-106011: Deny inbound (No xlate) tcp src DMZ:10.185.1.14/2219 dst
> > DMZ:213.228.61.14/80
> > Sep 27 11:27:13 CEDT: %PIX-3-106011: Deny inbound (No xlate) tcp src
> > DMZ:10.185.1.14/2220 dst DMZ:213.228.61.14/80
> > Sep 27 11:27:16 CEDT: %PIX-3-106011: Deny inbound (No xlate) tcp src
> > DMZ:10.185.1.14/2219 dst DMZ:213.228.61.14/80
> >
> > Thanks for help
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
>

More information about the cisco-nsp mailing list