Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
-
Strange problem with PIX506
Problem solved.... I turned out to be a problem that zonealarm was also running on that server. (not my own server, a customers) After entering the port here in allow it works perfectly... Thanks for the help anyway...- rbnstudio
- Post #5
- Forum: Security, hacker detection & forensics
-
Strange problem with PIX506
My static command looks like this: nat (inside) 0 xxx.xxx.xxx.0 255.255.255.224 0 0 static (inside,outside) xxx.xxx.xxx.0 xxx.xxx.xxx.0 netmask 255.255.255.224 0 0 I'm using public ip's on the inside, therefor no nating.- rbnstudio
- Post #3
- Forum: Security, hacker detection & forensics
-
Strange problem with PIX506
I have a PIX506. I cannot connect to a specific port(5905) from the outside to a specific computer on the inside. However connections to other ports(like 80) to the same computer on the inside works fine, and connections to the port(5905) on other machines on the inside also works fine. Here...- rbnstudio
- Thread
- Replies: 4
- Forum: Security, hacker detection & forensics
-
Pix506 can't access some ip's
Yes, It was the static command that was missing. It seems a bit strange since the static command does not figure at all in the Cisco examples on how to configure without NAT.- rbnstudio
- Post #8
- Forum: Security, hacker detection & forensics
-
Pix506 can't access some ip's
I've now tried to watch what happens by turning log on. After the Pix has been restarted and I try to ping from outside to one of the servers on the internal interface, this appears in the log: 106010: Deny inbound icmp src outside:xxx.xxx.xxx.xxx dst inside: xxx.xxx.xxx.xxx (type 8, code0)...- rbnstudio
- Post #6
- Forum: Security, hacker detection & forensics
-
Pix506 can't access some ip's
HI, I have the NAT commando: nat (inside) 0 xxx.xxx.xxx.0 255.255.255.224 0 0 xxx.xxx.xxx.0 is my subnet So the static commando should not be needed then? I have the following in the access-list access-list outside_access_in permit icmp any any echo-reply access-list outside_access_in permit...- rbnstudio
- Post #5
- Forum: Security, hacker detection & forensics
-
Pix506 can't access some ip's
I have checked this! It's set correct. All servers has the Default gw set to the Pix's internal interface ip. My setup is like this, without NAT http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/config/examples.htm#xtocid1 Could it be the static paramter that is missing? Or is...- rbnstudio
- Post #3
- Forum: Security, hacker detection & forensics
-
Pix506 can't access some ip's
I just implemented a Pix506. No NAT used. Means public ip's on the Pix's internal interface. But some of the ip'a on the internal interface of the Pix cannot be reached from outside... I have totally opened for ICMP packets. And the access-lists has "any" "any" in...- rbnstudio
- Thread
- Replies: 7
- Forum: Security, hacker detection & forensics
