PIX Firewall problems

Discussion in 'Cisco' started by Thys, Dec 24, 2004.

  1. Thys

    Thys Guest

    Hi all,

    I have the current situation:

    PIX Firewall with 3 networks attached. LAN (sec100), DMZ(sec50),
    Internet(sec0). In the DMZ I have a server that needs to connect to a
    server on our LAN. As far as I know you need a static for this. All is
    configured by a network/firewall engineer. There is also an
    access-list that allows Host DMZ -> Host LAN all IP is allowed (for
    testing).

    The following:

    1. Ping from DMZ-host to LAN-host -> no reply.
    2. Ping from LAN-host to DMZ-host -> I get replies!
    3. Ping from DMZ-host to LAN-host -> I now DO get replies!

    It seems that the ARP cache of the firewall needs to get filled with
    MACs from the LAN side to be able to communicate. When the ARP
    entries time out, I have the same problem all over again. I needed to
    turn off ProxyARP on the DMZ interface for other DMZ problems.

    Anybody can help?

    Thanx
    Thys, Dec 24, 2004
    #1

  2. In article <>,
    Thys <> wrote:
    :It seems that the ARP cache of the firewall needs to get filled with
    :MACs from the LAN side to be able to communicate. When the ARP
    :entries time out, I have the same problem all over again. I needed to
    :turn off ProxyARP on the DMZ interface for other DMZ problems.

    :Anybody can help?

    If you turn off proxy arp, then you need to *route* the packets
    to the PIX.
    --
    WW{Backus,Church,Dijkstra,Knuth,Hollerith,Turing,vonNeumann}D ?
    Walter Roberson, Dec 24, 2004
    #2