[c-nsp] PIX firewall problem

Mohammad khalil mkhalil at batelco.jo
Mon Sep 24 02:30:04 EDT 2007


 

access-list CSM-acl-DMZ-slot:2-V2 permit ip host 172.16.1.88 any 

static (DMZ-slot:2,outside) x.x.x.88 172.16.1.88 netmask 255.255.255.255
0 0

 

even if u opened everything from outside through an access-list , it
didn't work and issuing show xlate produces:

Global 172.16.1.88 Local 172.16.1.88

Which should be 

Global x.x.x.88 Local 172.16.1.88

After maybe 15 min it worked and everything was ok !!

 

________________________________

From: Ahmad Al-Dosari [mailto:adosari at gmail.com] 
Sent: Monday, September 24, 2007 12:16 AM
To: Mohammad khalil
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] PIX firewall problem

 

Past your configuration here...




On 9/23/07, Mohammad khalil <mkhalil at batelco.jo> wrote:

We have a 525 PIX firewall, the problem we are facing is that we a dmz
that we use for servers when we configure a private IP address with an
access list and static mapping with real IP address, the global address
appears as the local one which is incorrect, I made xlate for both the
local and global addresses and after maybe 15 min it worked by itself.

Can anyone help in this?



Mohammad Khalil

Core Network Engineer 







_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

 



More information about the cisco-nsp mailing list