Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Any Ideas Why This is Not Working?

Status
Not open for further replies.
MISdad

MISdad

Technical User
May 5, 2004
34
0
0
I'm trying to install a PIX 506 in a customer network with the following configuration.

Internet - Netopia R7100C DSL Router w/ Switch - PIX - Internal Network

Here's what I've tried so far to no avail.

The Netopia R7100C is configured to use PPP from the provider and pulls it's WAN settings from them. I configured the internal address of the R7100C to be 172.16.0.1 and turned off DHCP. I then configured the outside interface on the PIX with the address of 172.16.0.2, plugged the outside interface of the PIX into the R7100C. I am unable to ping the R7100C from the PIX.

I then turned DHCP in the R7100C back on and configured the outside interface of the PIX to get it's address via DHCP. The PIX does get an address from the R7100C via DHCP, but I am still unable to ping between them.

This doensn't seem like it should be rocket science. With the 2 devices being in the same network, they should be able to talk to each other.

Any suggestions would be greatly appreciated.
 
Sort by date Sort by votes
Make sure they are configured to use the same link speed..

100/10, Full or Half Duplex...

The PIX does have an Auto setting, but sometimes it does not work correctly.

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
I will double check this but I don't think this is the problem since the PIX was assigned an IP address from the Netopia router using it's DHCP.

 
Upvote 0 Downvote
I'm sorry, I thought you said it did NOT get an IP from DHCP....

If that's the case... why do you need to ping it... you've already established that their is connectivity between the two...

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Try permitting icmp echo-reply into the outside interface.
 
Upvote 0 Downvote
A few questions out of a lot that need answers, at least based upon your request - do you have one global statement and two nat statements when you do a wr t or sh tech? By default, a PIX denies all inbound or outbound packets between interfaces unless you specifically permit access. That's one reason why they work so well - and also why the learning curve on them is steep. Have you set up the access-list(s)? Have you tried submitting your sh tech output to the output interpreter? Are you also planning ahead... have you set up the certification authority (ca) so you can gain SSH access after you turn off telnet?

I would take a look at the PIX example setups here:

If the PIX is new, it comes with L3 support. Open a TAC at the support site.

I assume you have a copy of the command reference handy (also available from the Cisco PIX support site)? If the PIX is not something with which you have a high degree of familiarity, you will not be able to set it up properly without it. It may not be rocket science, but it's not a no-brainer, either.

output interpreter (you must sign up on the TAC site to gain access to this):
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sparrow4
  • Locked
  • Question
AnyConnect + Azure + SAML
Replies
0
Views
96
Sparrow4
Sparrow4
disturbedone
  • Locked
  • Question
proxy.pac not working correctly in IE11
Replies
0
Views
44
disturbedone
disturbedone
DROFNUD
  • Locked
  • Helpful tip
Smartcenter Dashboard - Searching for "Any" keyword
Replies
0
Views
34
DROFNUD
DROFNUD
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
114
nnaarrnn
nnaarrnn
GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
53
GeorgeAlba
GeorgeAlba

Part and Inventory Search

Sponsor

Back
Top