[c-nsp] PIX questions
Ted Mittelstaedt
tedm at toybox.placo.com
Fri May 9 03:50:15 EDT 2008
please post the entire pix config
Ted
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Rudy Setiawan
> Sent: Friday, May 09, 2008 12:05 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] PIX questions
>
>
> Hi all,
>
> I have a question about PIX translation
>
> An outside interface has IP address:
> 192.168.1.2 255.255.255.0
>
> An DMZ interface has IP address:
> 10.1.1.2 255.255.255.0
>
>
> Current translation:
> 10.1.1.3 -> 192.168.1.3
> 10.1.1.4 -> 192.168.1.4
>
>
> How can I make it so that 10.1.1.3 is able to ping the IP "192.168.1.4"?
> How can I make it so that anyone behind 10.1.1.0/24 network is able to
> ping the IP "192.168.1.4"?
>
> Consider the ICMP is allowed any any.
>
> I tried to configure it but the ASDM log say
> "Deny IP Spoof From 192.168.1.2 to 192.168.1.4 on interface outside"
>
> Thank you for your help in advance.
>
> Regards,
> Rudy
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list