Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Ping between 3 nets through pix

Ping between 3 nets through pix 11 years 1 week ago #11656

  • bird
  • bird's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Hi guys,

I'm newbie in PIX fw. I would like to setup ping between all hosts through pix.
I have configured 3 interfaces on pix. No one is connected to internet.
I've read about nat/static issues, but I don't know if it's suitable for my case, because I haven't any globall adresses from ISP provider.

3 nets:

10.12.187.0/24 sec.level 20, gw 10.12.187.250
10.7.190.0/24 sec.level 1 gw 10.7.190.11
10.12.139.0/24 sec. level 5 gw 10.12.139.250

and I want ping from 10.12.187.1 <-> 10.7.190.1
10.12.139.1 <-> 10.12.187.1
10.12.139.253 <-> 10.7.190.1

I use pix515e, ver 6.3(4)

I would like to know if this configuration is ever possible. I know that this would be task for e.g. router, but my customer has bought PIX.

Many thanks for each advice

Regards
bird
The administrator has disabled public write access.

Re: Ping between 3 nets through pix 11 years 4 days ago #11789

  • harrybaba
  • harrybaba's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Lots of consideration will have to taken into account.
Not sure if PIX is the right device for the kind of application you described. If there is no security concern then having PIX will only give you more trouble. While communication has to be restricted then yes, PIX is the right device. Anyways, have a look at this link and it will give you more ideas :

www.cisco.com/en/US/products/hw/vpndevc/...186a0080094e8a.shtml

Remember this golden rule:
If packet needs to go out from inside to outside, NAT/Global has to be used.
If a packet has to be permitted from outside to inside,
1) The outside IP to which that packet is destined, has to be mapped to an inside address using "static".
2) that particular protocol/port has to be opened. (ICMP in your case)

NOTE: If an inside address is mapped to an outside address using static command, then if the packet originates from the same inside
source, the outside IP will be the one used in static command and NOT the one from the global pool.

Hope this helps !!
The administrator has disabled public write access.

Re: Ping between 3 nets through pix 11 years 4 days ago #11802

  • bird
  • bird's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Hi,

Many thanks..

Regards
Bird
The administrator has disabled public write access.
Time to create page: 0.075 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup