Hi,
The Pix is a firewall and a router and will not route packets back the way
they came from. The only routing the pix can do is routing between
interfaces. So, change host A and B's default gateway to 10.10.2.1 (the
3640).
Erik
"Mamun Shaheed" <> wrote in message
news: om...
> Hi,
> I am faceing some problem in with my PIX firewall. Here is my network
> design
>
> +---------------+
> |192.168.10.1/24|
> |Pix F/W |
> |10.10.2.230/24 |
> +---------------+
> |
> |
> |
> My nework |
> 10.10.2.x |----|---------------------|-------------------|
> | Host A Host B Host C
> | 10.10.2.210/24 10.10.2.208/24 10.10.2.209/24
> | g/w 10.10.2.230 g/w 10.10.2.230 g/w 10.10.2.1
> +--------------+
> |10.10.2.1/24 |
> |3640 router |
> |192.168.3.1/24|
> +--------------+
> |
> |
> Host D
> 192.168.3.101
>
>
> Host A and B is statically mapped in Pix.
>
> Host D can Ping 10.10.2.1, 10.10.2.230 and 10.10.209, but it cannot
> ping Host A or Host B. When it try to ping Host A or Host B, I am
> getting following error in my syslog server.
>
> <163>%PIX-3-106011: Deny inbound (No xlate) icmp src
> inside:10.10.2.201 dst inside:192.168.3.101 (type 0, code 0)
>
> So far i understand that, as PIX is pointed as g/w for Host A and B,
> when it receive and request for these two hosts it is trying to send
> that request to outside (192.168.10.x) as these two hosts are
> statically mapped in PIX.
>
> Here is the route I put in Pix
> route inside 192.168.3.0 255.255.255.0 10.10.2.1
>
> Now How can I tell my PIX to route 192.168.3.0 kinda request to send
> back to 10.10.2.1??
>
> ~M$
|
Similar Threads
