Experts,
I have a 7200 Cisco router connected via e0 to a pix e0:
Router-e0-ip-65.38.147.105/29 <-------> pix-e0-ip-65.38.147.106/29 <--------> pix-e1-ip-66.198.216.1-snm- 255.255.248.0
From the router I can ping the pix e0 port but I can not ping to the e1 port of the pix. From e1 of pix I can not ping e0 of pix. Bassically my problem is the pix is not routing the anything unknown to the wan side of the pix and the router dosent know about the pix lan side adresses here are my configs please help me.
Pix config
nameif ethernet0 outside security0
nameif ethernet1 inside security100
interface ethernet0 100baset
interface ethernet1 100baset
ip address outside 65.38.147.106 255.255.255.252
ip address inside 66.198.216.1 255.255.248.0
hostname pixfirewall
arp timeout 14400
no failover
names
pager lines 24
logging buffered debugging
nat (inside) 0 66.198.216.1 255.255.248.0
route outside 0.0.0.0 0.0.0.0 65.38.147.105 1
access-list ping_acl permit icmp any any
access-group ping_acl in interface inside
access-group ping_acl in interface dmz
access-list acl_out permit icmp any any
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00
udp 0:02:00 rpc 0:10:00 h323 0:05:00
sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server community public
mtu outside 1500
mtu inside 1500
Router Config
Using 2020 out of 129016 bytes
version Syste
!h
version 12.3oftware stat
service timestamps debug uptime ethernet, address is 000
voi
service timestamps log uptime
CMCMD>show ?
!a
syscon address 65.38.144.70 r1nt3rn3tU 1500 bytes, BW 100000 Kbit
aal2
syscon shelf-id 0commands for AAL2
ip subnet-zero
!
!
!
ip cefalps
mpls ldp logging neighbor-changes
0 pack
!s
!
!
!
!
!
!S
!n
!r
no voice hpi capture buffer
auto
no voice hpi capture destination
Null
Booti
!
!
!
!
!a
!u
interface FastEthernet0/0unts, 0 giants###########
description 65.38.147.104/29 - glue towards PIX for 66.198.216.0
bootflash: display information about bootf
ip address 65.38.147.105 255.255.255.248 0 overrun, 0 ignored, 0 abortage success
no ip redirects Boot and r
no ip proxy-arpt variab
no ip route-cache
interface Ethernet1/1aller Disp
no ip address about dialup
no ip redirects
no ip proxy-arp Size: 0x800
no ip route-cache CCA inf
shutdown 0 b
duplex halfe collision
!c
interface Ethernet1/2Manager Application i
no ip address
no ip redirects
no ip proxy-arp CDAPI in
no ip route-cache 5 lost carrie
shutdown cef
duplex halfsco Express
!r
interface Ethernet1/3
1 packe
no ip address
no ip redirects28 MBd commandac
no ip proxy-arp
class-map
no ip route-cachelass Map
shutdown
duplex halflock
!
interface Serial2/0
!
interface Serial2/1
controllers
no ip addresstroller status
shutdown055-02 Re
serial restart_delay 0
cops
!C
interface Serial2/2 0 no carrier)#side
no ip addresscrm
shutdownr Resourc
serial restart_delay 0
!
interface Serial2/3ening Displ
no ip addressformationoftwa
shutdownited
serial restart_delay 0
dial-peer D
!l
interface FastEthernet4/0.g. VoIP Peers Interface
no ip address0000043rker
shutdown
duplex halfr
!i
ip classlessrs and stati
ip route 0.0.0.0 0.0.0.0 65.38.144.65are (0/1)ation: ONe
diffserv
ip route 66.0.0.0 255.0.0.0 65.38.144.65
scr
!t
snmp-server community pubnmm RO DRiP DBmpl
snmp-server community public RO 99 DSS information
Hardware is
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password r1nt3rn3t
login
!
!
!
end
CMCMD#
Thanks for any help u can give...
I have a 7200 Cisco router connected via e0 to a pix e0:
Router-e0-ip-65.38.147.105/29 <-------> pix-e0-ip-65.38.147.106/29 <--------> pix-e1-ip-66.198.216.1-snm- 255.255.248.0
From the router I can ping the pix e0 port but I can not ping to the e1 port of the pix. From e1 of pix I can not ping e0 of pix. Bassically my problem is the pix is not routing the anything unknown to the wan side of the pix and the router dosent know about the pix lan side adresses here are my configs please help me.
Pix config
nameif ethernet0 outside security0
nameif ethernet1 inside security100
interface ethernet0 100baset
interface ethernet1 100baset
ip address outside 65.38.147.106 255.255.255.252
ip address inside 66.198.216.1 255.255.248.0
hostname pixfirewall
arp timeout 14400
no failover
names
pager lines 24
logging buffered debugging
nat (inside) 0 66.198.216.1 255.255.248.0
route outside 0.0.0.0 0.0.0.0 65.38.147.105 1
access-list ping_acl permit icmp any any
access-group ping_acl in interface inside
access-group ping_acl in interface dmz
access-list acl_out permit icmp any any
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00
udp 0:02:00 rpc 0:10:00 h323 0:05:00
sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server community public
mtu outside 1500
mtu inside 1500
Router Config
Using 2020 out of 129016 bytes
version Syste
!h
version 12.3oftware stat
service timestamps debug uptime ethernet, address is 000
voi
service timestamps log uptime
CMCMD>show ?
!a
syscon address 65.38.144.70 r1nt3rn3tU 1500 bytes, BW 100000 Kbit
aal2
syscon shelf-id 0commands for AAL2
ip subnet-zero
!
!
!
ip cefalps
mpls ldp logging neighbor-changes
0 pack
!s
!
!
!
!
!
!S
!n
!r
no voice hpi capture buffer
auto
no voice hpi capture destination
Null
Booti
!
!
!
!
!a
!u
interface FastEthernet0/0unts, 0 giants###########
description 65.38.147.104/29 - glue towards PIX for 66.198.216.0
bootflash: display information about bootf
ip address 65.38.147.105 255.255.255.248 0 overrun, 0 ignored, 0 abortage success
no ip redirects Boot and r
no ip proxy-arpt variab
no ip route-cache
interface Ethernet1/1aller Disp
no ip address about dialup
no ip redirects
no ip proxy-arp Size: 0x800
no ip route-cache CCA inf
shutdown 0 b
duplex halfe collision
!c
interface Ethernet1/2Manager Application i
no ip address
no ip redirects
no ip proxy-arp CDAPI in
no ip route-cache 5 lost carrie
shutdown cef
duplex halfsco Express
!r
interface Ethernet1/3
1 packe
no ip address
no ip redirects28 MBd commandac
no ip proxy-arp
class-map
no ip route-cachelass Map
shutdown
duplex halflock
!
interface Serial2/0
!
interface Serial2/1
controllers
no ip addresstroller status
shutdown055-02 Re
serial restart_delay 0
cops
!C
interface Serial2/2 0 no carrier)#side
no ip addresscrm
shutdownr Resourc
serial restart_delay 0
!
interface Serial2/3ening Displ
no ip addressformationoftwa
shutdownited
serial restart_delay 0
dial-peer D
!l
interface FastEthernet4/0.g. VoIP Peers Interface
no ip address0000043rker
shutdown
duplex halfr
!i
ip classlessrs and stati
ip route 0.0.0.0 0.0.0.0 65.38.144.65are (0/1)ation: ONe
diffserv
ip route 66.0.0.0 255.0.0.0 65.38.144.65
scr
!t
snmp-server community pubnmm RO DRiP DBmpl
snmp-server community public RO 99 DSS information
Hardware is
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password r1nt3rn3t
login
!
!
!
end
CMCMD#
Thanks for any help u can give...
