Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
XLATE ?!
- Thread starter iiiiss
- Start date
- Thread starter
- #2
khaledeshah
ISP
Hi
Explanation|: This message logs when a nat and global command cannot be found for a protocol, The protocol can be TCP, UDP, or ICMP.
Action : This message can be either an internal error or an error in the configuration.
Explanation|: This message logs when a nat and global command cannot be found for a protocol, The protocol can be TCP, UDP, or ICMP.
Action : This message can be either an internal error or an error in the configuration.
- Thread starter
- #4
khaledeshah
ISP
Hi
Can u send us ur config file to see what is wrong
Can u send us ur config file to see what is wrong
- Thread starter
- #6
Thanks for the help . Here are more specific informations :
I just want to ping from dmz to a network on the inside interface (access-lists are correct).
dmz workstation x.x.x.2 dmz interface x.x.x.1
inside interface x.x.166.2 router on the inside interface has x.x.166.1
server to ping has x.x.166.8
I can ping from the server to the dmz server but not visa versa .
--------------------
route inside x.x.165.160 x.x.x.x x.x.166.1 1
--------------------
I would like to set a default route for the inside interface but that seems to be impossible is that right ?
Do I need any other route entries ???
Thanks for the help
I just want to ping from dmz to a network on the inside interface (access-lists are correct).
dmz workstation x.x.x.2 dmz interface x.x.x.1
inside interface x.x.166.2 router on the inside interface has x.x.166.1
server to ping has x.x.166.8
I can ping from the server to the dmz server but not visa versa .
--------------------
route inside x.x.165.160 x.x.x.x x.x.166.1 1
--------------------
I would like to set a default route for the inside interface but that seems to be impossible is that right ?
Do I need any other route entries ???
Thanks for the help
- Thread starter
- #7
- Thread starter
- #9
HI.
Please note that the basic idea of DMZ is that it cannot initiate connections to internal hosts (only to accept connections originated inside).
Using the "static" command might lead to a security breach, and you I would favor the more traditional design - the DMZ server cannot ping the inside.
Bye
Yizhar Hurwitz
Please note that the basic idea of DMZ is that it cannot initiate connections to internal hosts (only to accept connections originated inside).
Using the "static" command might lead to a security breach, and you I would favor the more traditional design - the DMZ server cannot ping the inside.
Bye
Yizhar Hurwitz
- Status
Similar threads