Deny TCP (no connection) from 1.2.3.4/80 to 5.5.7.8/6214 flags ACK

Discussion in 'Cisco' started by yanks2112, Feb 25, 2008.

  1. yanks2112

    yanks2112 Guest

    Hi All

    I am getting the above message on my PIX 515 7.04 when trying to
    access a particular web site. When I try to access the page it
    "loops". I am NATing and using the outside interface as my public
    IP.

    If I do not use NAT (or one-to-one NAT) using an available public IP
    I can view the website through my PIX.

    My question is can I make exceptions for this traffic based on the IPs
    of the web site I am trying to access (there are three of them). I
    have tried adding them to my outbound and inbound access-lists but
    that hasn't worked.

    Hopefully this makes sense to somebody!

    Thanks
     
    yanks2112, Feb 25, 2008
    #1

  2. yanks2112

    Greeley

    You want to do a policy-based NAT. Do a search on the config; it's pretty straightforward.

    If I understand you right, say on your inside network 1.1.1.1 wants to go to google.com, you want google to see 2.2.2.2, but if 1.1.1.1 wants to go to cnn.com, you want cnn to see 2.2.2.3 or something along those lines.


    --G
     
    Greeley, Feb 26, 2008
    #2
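
A sketch of the policy NAT suggested in reply #2, in PIX 7.0 syntax. It is an added example, not a configuration posted by anyone in the thread. The inside network 10.1.1.0/24, the three web site addresses 198.51.100.11-13, the spare public address 192.0.2.10 and the ACL name WEBSITE_NAT are all constructed placeholders.

```cisco
! Constructed example: every address and the ACL name are placeholders.
! Match only traffic from the inside network to the three web site IPs.
access-list WEBSITE_NAT extended permit ip 10.1.1.0 255.255.255.0 host 198.51.100.11
access-list WEBSITE_NAT extended permit ip 10.1.1.0 255.255.255.0 host 198.51.100.12
access-list WEBSITE_NAT extended permit ip 10.1.1.0 255.255.255.0 host 198.51.100.13

! Policy NAT: traffic matching the ACL is translated to the spare
! public address instead of the outside interface address.
nat (inside) 2 access-list WEBSITE_NAT
global (outside) 2 192.0.2.10

! All other outbound traffic keeps using PAT on the outside interface.
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
```

Policy NAT is evaluated before regular dynamic NAT, so only sessions to the three listed hosts use 192.0.2.10; `show xlate` lists the resulting translations.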