Skip to main content

pix 515E

More
15 years 3 months ago #28820 by samisujan
pix 515E was created by samisujan
Hi,

I have a pix 515E. It is directly connected to a laptop.
laptop interface is 192.168.1.1/24
pix interface is 192.168.1.20/24

int e1
speed 100
duplex full
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0

Pix cannot ping the laptop eventhough they are directly connected. as i am trying to copy flash from tftp server.

PIX#sh flash

Directory of flash:/

6 -rw- 1540152 22:19:54 Jan 14 2009 image_old.bin
16128000 bytes total (14581248 bytes free)

PIX#copy tftp: flash:
Address or name of remote host [ ] 192.168.1.20
Source filename [ ] pix704.bin
Destination filename [pix704.bin]

Accessing tftp://192.168.1.20/pix704.bin..
Error opening tftp://192.168.1.20/pix704.bin (No such device)

Please help
More
15 years 3 months ago #28822 by S0lo
Replied by S0lo on topic Re: pix 515E
I'd check the following:

1. Make sure you disable the firewall on your laptop, OR enable UDP port 69 on the firewall configuration.

2. Is the physical link actually up? If not, Make sure that you are using the right type of cable. You might need a crossover cable. Although I doubt that this is your case (since laptops nowadays usually come with Auto MDI/MDIX NICs).

If nothing works, then what piece of software are you using for the tftp server? Make sure it's a TFTP not FTP. They are different.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
15 years 3 months ago #28827 by samisujan
Replied by samisujan on topic Re: pix 515E
The firewall is off on laptop.
The physical link and protocol is up.
I am using a cross over cable.
I am using tftpd32. i have been using since long time and never has issue that i can guarantee.

could you please send a config how udp port 69 should be enabled on the firewall.? Thanks
More
15 years 3 months ago #28828 by Smurf
Replied by Smurf on topic Re: pix 515E
Hi there,

It wont be blocked on the firewall unless you have specified some access-list in the "out" direction.

I have a pix 515E. It is directly connected to a laptop.
laptop interface is 192.168.1.1/24
pix interface is 192.168.1.20/24

int e1
speed 100
duplex full
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0


Is this a type ? You have the Laptop Interface and the Pix e1 Interface on the same IP Address ? Can you ping from the Laptop to the Firewall ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
15 years 3 months ago #28831 by S0lo
Replied by S0lo on topic Re: pix 515E

could you please send a config how udp port 69 should be enabled on the firewall.? Thanks


I was talking about the Windows firewall. But since you already have it OFF, you don't need to enable port 69. Furthermore, you don't need to enable port 69 on the Pix either (Unless you explicitly denied that traffic as Smurf noted).
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
15 years 3 months ago #28835 by samisujan
Replied by samisujan on topic Re: pix 515E
Hi Wayne,

Yes the laptop and pix are directly connected. but no luck with ping at all. There is no ACL at all in the config.
Time to create page: 0.155 seconds