Recent content by mRgEE

I am having the same problem at the minute and unfortunately haven't fixed it yet. However, I think that the problem may relate to NAT. I can see that your Checkpoint has Natting setup for Exchange. How is this setup? Do you perform any Nat from your router > firewall? I also want to get to the...

Our company recently merged with another company and we are migrating into their AD domain. I need to move from our DNS servers that all hosts are currently using to a new DNS server that is installed on the new domains local DC. There is currently a 2 way trust between our domain and their...

My config allows all ip traffic to pass in both directions between the outside and inside interfaces of my pix 501 even though they are on different subnets as shown below: - ip address outside 10.0.0.253 255.0.0.0 ip address inside 192.168.0.253 255.255.255.0 I have the following ACLs setup: -...

Update, I have tried to get RIP working without success to route between the 10.0.0.0 and 192.168.0.0 networks. The only way I have managed to get successful pings from the 10.0.0.0 to the 192.168.0.0 network is to add the static statement "static (inside,outside) 10.0.0.150 192.168.0.1 netmask...

System IP Addresses: ip address outside 10.0.0.253 255.0.0.0 ip address inside 192.168.0.254 255.255.255.0 Current IP Addresses: ip address outside 10.0.0.253 255.0.0.0 ip address inside 192.168.0.254 255.255.255.0 CP501FW(config)# sh access-list access-list...

Ok, I am getting a little closer now. I now get replies when I ping the LAN (10.0.0.0/8) from the DMZ (192.168.0.0/24). I added the following to my config to get this to work: - access-list allow_icmp permit icmp any any access-group allow_icmp in interface outside access-group allow_icmp in...

Above I asked if it was possible to use the 2 internal interfaces... however I have just been reading and as I am using the pix 501 it only has 1 outside interface and 1 inside interface (not 2). Is this correct?

All I am basically wanting to do is to implement a DMZ that is protected via the Pix. Any traffic that is destined for the DMZ must pass through the Pix first. I already have a Perimiter Router / firewall in place protecting the LAN. The Perimiter Router is performing NAT with an internal IP...

ok, I have added the following but still no joy :( nat (inside) 0 0.0.0.0 0.0.0.0 0 0 nat (outside) 0 0.0.0.0 0.0.0.0 0 0 Can anyone point to where I am going wrong?

What is the syntax for this nonat rule? - i am having trouble locating documentation on it.

Some more information... I turned on debug icmp trace and pinged from a server in the DMZ to the inside interface and the outside interface. here are the results: - CP501FW# sh ip address System IP Addresses: ip address outside 10.0.0.253 255.0.0.0 ip address inside...

My LAN ip address is currently 10.0.0.0/8. I would like my DMZ to be 192.168.0.0/24. From the above config I can ping both networks on the pix successfully. However, if I ping the LAN from the DMZ or the DMZ from the LAN I get no response. Do I need to setup ACLs or routing for this?

I am looking at setting up a DMZ as follows: - Internet > router > pix -------> dmz / isa > web servers ¦ ¦-----> lan I want to set up the DMZ with a 192.168.0.0 address. At present I have my Pix setup with the outside...

This is for WWW traffic and not specific site to site. Basically I will have various customers connecting to my network via the Internet using SSL. I need to ensure that should one ISP Internet connection become unavailable then the other can be used as failover. Ideally I want to load balance...

Hi, I have a requirement for 2 seperate Internet connections from 2 different ISPs to my network. This is to provide redundancy in the case of one failure. I would like to load balance these connections and configure the routers for failover should one go down. Is this configuration possible? I...