Hello there,
I have a PIX 515E fail over pair, and am trying to setup a routable DMZ on a port. I have 6FE's, with the following config:
FE0 - Outside - Static IP 160.1.1.X / 26 (1st 64 addresses)
FE1 - Inside - Non Routable IP address 10.1.1.1 / 24
FE2 - Client - Non Routable IP Address 10.10.1.1 / 24
FE3 - Client - Non Routable IP address 10.20.1.1 / 24
FE4 - DMZ - Static IP address 160.1.1.x /26 (2nd 64 addresses)
FE5 - Failover
FE5.1 - Stateful Failover.
Problem is, I have the system set up for NAT, but have a Translation Exemption for the DMZ. I have a rule stating everything from the outside to Any DMZ address to allow. The outside router is set to forward all of the IP traffic for the 2nd IP range to the outside address of the PIX, but Nothing is getting through. What am I missing? I have been playing with this for a few days now, and am getting no where.
Thanks In Advance!
Netechsys
I have a PIX 515E fail over pair, and am trying to setup a routable DMZ on a port. I have 6FE's, with the following config:
FE0 - Outside - Static IP 160.1.1.X / 26 (1st 64 addresses)
FE1 - Inside - Non Routable IP address 10.1.1.1 / 24
FE2 - Client - Non Routable IP Address 10.10.1.1 / 24
FE3 - Client - Non Routable IP address 10.20.1.1 / 24
FE4 - DMZ - Static IP address 160.1.1.x /26 (2nd 64 addresses)
FE5 - Failover
FE5.1 - Stateful Failover.
Problem is, I have the system set up for NAT, but have a Translation Exemption for the DMZ. I have a rule stating everything from the outside to Any DMZ address to allow. The outside router is set to forward all of the IP traffic for the 2nd IP range to the outside address of the PIX, but Nothing is getting through. What am I missing? I have been playing with this for a few days now, and am getting no where.
Thanks In Advance!
Netechsys
