[c-nsp] PIX515 don't want to allocate ip address on interface.

Joseph Jackson JJackson at aninetworks.com
Fri Aug 4 13:36:53 EDT 2006 

Can you do a show interface?
 

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Nikolay Pavlov
> Sent: Friday, August 04, 2006 6:51 AM
> To: Laurent Geyer
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] PIX515 don't want to allocate ip address 
> on interface.
> 
> On Thursday,  3 August 2006 at 17:11:26 -0400, Laurent Geyer wrote:
> > On 8/3/06, Laurent Geyer <lgeyer at 085zehn.com> wrote:
> > >
> > > You're missing the default route.
> > >
> > > Try adding `route outside 0.0.0.0 0.0.0.0 <gateway IP>'.
> > >
> > > - Laurent
> > >
> > 
> > 
> > My bad, skipped right over the default route in your configuration.
> > 
> > With your current configuration the outside interface 
> should at least 
> > respond to ICMP echo requests, whether you have an access-group 
> > defined for the outside interface or not. Start by verifying your 
> > outside interfaces connectivity.
> There is no problem with connetivity, i see even packets going there.
> But i think that PIX simply do not use this ip address ( i've 
> used even static arp entry on router)
> > 
> > Also, for the purpose of managing the Pix via the outside interface 
> > you have to define the hosts permitted to connect via SSH 
> as follows:
> > 
> > `ssh <src network> <netmask> <interface>'
> 
> I know all that things but the problem i think much more 
> stupid when i use "sh ip address" command to view current ip 
> addresses it's empty i see only configured ip's, but not 
> allocated. Here it is:
> 
> x515-fw1-NY# sh ip address
> System IP Addresses:
> Interface                Name                   IP address      Subnet
> mask     Method
> Ethernet0                outside                206.53.57.54 
> 255.255.255.192 CONFIG
> Ethernet1                inside                 192.168.1.1 
> 255.255.255.0   CONFIG
> Current IP Addresses:
> Interface                Name                   IP address    
>   Subnet mask     Method
> It's empty here... And realy smash my head about this :)
> 
> Try it on your PIX device.
> 
> --
> ==============================================================
> ===========
> = Best regards, Nikolay Pavlov. 
> <<<------------------------------------ = 
> ==============================================================
> ===========
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list