[c-nsp] PIX question
Brad Hedlund
brhedlun at cisco.com
Fri Jan 9 15:16:18 EST 2009
On 1/9/09 1:05 PM, "chloe K" <chloekcy2000 at yahoo.ca> wrote:
> Hi all
>
> I enable the http and snmp community in dmz 192 network
>
> http server enable
> http 192.168.0.0 255.255.255.0 dmz
>
> snmp-server community aaabbbb
>
> but I can't access both (httpd and snmpwalk) in any hosts of 192.168.0.0
> network
>
> What am I doing wrong?
What you have done is enable the PIX itself to be managed via HTTP and
allowed host on the 192.168.0.0 DMZ to manage the PIX with HTTP. You have
also tuned on SNMP management of the PIX itself.
If you want the PIX to pass HTTP and SNMP traffic to the hosts on the
192.168.0.0 network you will need to allow that traffic in an access list
applied to the appropriate interfaces.
Like this:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/nwacc
ess.html
Hope this helps.
Cheers,
Brad Hedlund
bhedlund at cisco.com
http://www.internetworkexpert.org
More information about the cisco-nsp
mailing list