PIX and solaris question

Discussion in 'Cisco' started by Rob, Mar 14, 2005.

  1. Rob

    Rob Guest

    Hi,

    Recently I replaced my old firewall with a Cisco PIX one, and translated all
    commands, now everything seems to be fine except I cannot get out from my
    Sun 5.8 (no ping and traceroute outside), also I cannot open a page (port
    80)on this box from outside, this is the only Unix based machine I have, and
    all other servers and workstations are Windows and they seem to be fine. I
    deleted the mac address for the old firewall using arp -d but didn't work.
    Does anyone know how to fix this problem?



    Thanks in advance for any help.
     
    Rob, Mar 14, 2005
    #1
    1. Advertisements

  2. :Recently I replaced my old firewall with a Cisco PIX one, and translated all
    :commands, now everything seems to be fine except I cannot get out from my
    :Sun 5.8 (no ping and traceroute outside), also I cannot open a page (port
    :80)on this box from outside, this is the only Unix based machine I have, and
    :all other servers and workstations are Windows and they seem to be fine. I
    :deleted the mac address for the old firewall using arp -d but didn't work.
    :Does anyone know how to fix this problem?

    A bit difficult to say without any of the configuration information.
    My first guess would be DNS issues, but you might also be having
    issues with returning icmp (icmp is connectionless so you have to
    specifically permit it back in.)
     
    Walter Roberson, Mar 14, 2005
    #2
    1. Advertisements

  3. Rob

    Martin Turba Guest

    Could you please post (some of) your configuration, especially if you
    configured any access-lists, and an "ifconfig -a" from your Solaris
    machine so that we can get a clue?

    Martin
     
    Martin Turba, Mar 14, 2005
    #3
  4. Rob

    Brad Guest

    I had a problem a while back with solaris and a firewall. The solaris
    box was running sendmail and for some reason it wasn't sending any
    emails that users had posted to it. Come to find out, sendmail was
    trying to ping the remote mail server before establishing an smtp
    connection. No echo reply meant no smtp connection. Since the firewall
    was dropping pings no emails were being sent.
     
    Brad, Mar 15, 2005
    #4
  5. Rob

    freddy2t Guest

    have you tried restarting the network on the box or rebooting it?
    sounds like an ARP issue.

    Dave
     
    freddy2t, Mar 16, 2005
    #5
  6. Rob

    Rob Guest

    I tried everything, however still having problem only on solaris box. for
    some reason it cannot comunicate with PIX at all, all other windows machines
    are ok. Is there any thing like mtu or other setting I have to change in
    order to get Solaris talk to PIX?
    Thanks for any help-Rob
     
    Rob, Mar 21, 2005
    #6
  7. Rob

    aunraza Guest

    Is the static nat set up properly on the PIX? Also, what is the default
    gateway of the Solaris box? Make sure the netmasks, etc are good.
     
    aunraza, Mar 21, 2005
    #7
  8. Rob

    Rob Guest

    Both can ping each other, but Solaris cannot go further than inside
    interface of the firewall. netmask is ok, the DG on Sun is the inside
    interface of the PIX.
    Rob
     
    Rob, Mar 22, 2005
    #8
  9. Rob

    aunraza Guest

    Can you do a netstat -rn and check if the default gateway is correct?

    When you do a traceroute to the outside, does it actually see the PIX
    as the first hop, or any one of the hops? If yes, make sure that you're
    allowing the Solaris box's subnet to be natted outside.
     
    aunraza, Mar 23, 2005
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.