I'm setting up my first DMZ on my PIX 515E, and I can't seem to get the IP routing working. The DMZ interface IP address is x.39.9.129 255.255.255.128, and I'm not using NAT on any of the interfaces (static translations of all routable IPs).
When I try to ping any of the other interfaces from the DMZ interface I get no reply. I can connect a computer directly to the DMZ interface with a crossover cable and ping it, but obvously still can't get to any other interfaces. I guess I have a missing route causing the trouble, but can't seem to figure it out! Here are the relevant (I think) configs:
cygnus(config)# sh ip
System IP Addresses:
ip address outside 192.64.1.122 255.255.255.0
ip address inside 134.39.9.2 255.255.255.0
ip address dmz 168.156.9.129 255.255.255.128
cygnus(config)# sh route
outside 0.0.0.0 0.0.0.0 x.x.1.121 1 OTHER static
inside x.39.9.0 255.255.255.0 x.39.9.2 1 CONNECT static
dmz x.156.9.128 255.255.255.128 x.156.9.129 1 CONNECT static
outside x.64.1.0 255.255.255.0 x.64.1.122 1 CONNECT static
cygnus(config)# sh static
static (inside,outside) x.39.9.0 x.39.9.0 netmask 255.255.255.0 0 0 norandomseq
static (dmz,outside) x.156.9.128 x.156.9.128 netmask 255.255.255.128 0 0
What am I missing? Thanks!
When I try to ping any of the other interfaces from the DMZ interface I get no reply. I can connect a computer directly to the DMZ interface with a crossover cable and ping it, but obvously still can't get to any other interfaces. I guess I have a missing route causing the trouble, but can't seem to figure it out! Here are the relevant (I think) configs:
cygnus(config)# sh ip
System IP Addresses:
ip address outside 192.64.1.122 255.255.255.0
ip address inside 134.39.9.2 255.255.255.0
ip address dmz 168.156.9.129 255.255.255.128
cygnus(config)# sh route
outside 0.0.0.0 0.0.0.0 x.x.1.121 1 OTHER static
inside x.39.9.0 255.255.255.0 x.39.9.2 1 CONNECT static
dmz x.156.9.128 255.255.255.128 x.156.9.129 1 CONNECT static
outside x.64.1.0 255.255.255.0 x.64.1.122 1 CONNECT static
cygnus(config)# sh static
static (inside,outside) x.39.9.0 x.39.9.0 netmask 255.255.255.0 0 0 norandomseq
static (dmz,outside) x.156.9.128 x.156.9.128 netmask 255.255.255.128 0 0
What am I missing? Thanks!