pix 515 connect from DMZ to INSIDE on tcp 1521

Discussion in 'Cisco' started by ebolasty@op.pl, Jun 4, 2006.

  1. Guest

    Hallo All!

    i have pix 515E, ver 7.0(4).
    I try connect to oracle ( tcp 1521) from DMZ to INSIDE. I don't know
    why it dont work. Its very especial becouse sometimes it work when i
    try connect to oracle from Toad program, and another protocol like ftp,
    www works. Please help me! I don't uderstand logic of pix.

    My configuration:

    interface Ethernet1
    nameif inside
    security-level 100
    ip address 192.168.1.1 255.255.0.0
    !
    interface Ethernet2
    nameif dmz
    security-level 50
    ip address 10.0.0.1 255.255.255.0
    ....
    access-list dmz extended permit tcp host 10.0.0.10 host 10.0.0.250 eq
    sqlnet
    ....
    static (inside,dmz) tcp 10.0.0.250 sqlnet 192.168.1.250 sqlnet netmask
    255.255.255.255
    ....
    access-group dmz in interface dmz
    ....
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map global_policy
    class inspection_default
    inspect sqlnet
    !
    service-policy global_policy global
    ....
     
    , Jun 4, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MAXIMUS
    Replies:
    1
    Views:
    3,516
    mcaissie
    Apr 27, 2004
  2. Guest
    Replies:
    5
    Views:
    1,767
    Romme
    Jun 15, 2004
  3. Dave Foster
    Replies:
    9
    Views:
    4,716
    Les Mikesell
    Aug 9, 2004
  4. JohnC
    Replies:
    9
    Views:
    867
    Walter Roberson
    Dec 7, 2004
  5. Jack
    Replies:
    0
    Views:
    681
Loading...

Share This Page