PIX solaris and Windows

Discussion in 'Cisco' started by David Hodgson, Sep 23, 2004.

  1. Hi folks,

    I have a PIX 501 which separates 2 networks, 1 network =
    (inside) the other network is (outside).

    I have Solaris, Windows and Linux boxes on the outside, and I have only
    Windows boxes on the inside.

    I have no NAT on PIX and am using only access rules. The access rules I have

    (from inside to outside) "icmp" from with a destination of is allowed
    (from outside to inside) "icmp" from ANY with a destination of
    is allowed

    Now, with these rules in effect, the following happens...

    From the outside...
    Windows boxes and Linux boxes on the outside can ping any inside Windows box.
    Solaris boxes can only ping outside boxes; they can't ping anything inside.

    From the inside...
    Windows boxes can ping all Solaris, Windows and Linux boxes.

    What I've noticed...
    If I ping from host to Solaris box I get a
    response, then if I ping from Solaris box to Windows box I get a response.
    This is the only time it works; it's as if NAT is stopping transmission.

    Is this a Solaris issue or a PIX issue?

    Anyone, please help.

    David Hodgson, Sep 23, 2004

  2. David Hodgson

    PES Guest

    The xlate with nat 0 is built as the first packet goes from in to out. Then
    incoming initiated traffic as defined in the ACL could use the xlate until
    it times out. If you want to lock the translation table to what nat 0 would

    from memory only

    static (inside,outside) netmask

    then clear xlate
    PES, Sep 23, 2004
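
A simplified model of the xlate behaviour described in the reply above, as an added example that is not part of the original posts and is not PIX code. The class and method names are hypothetical, the address is a constructed documentation address, and the three-hour idle timeout is the PIX default for `timeout xlate`, which the thread does not state.

```python
from dataclasses import dataclass, field

XLATE_IDLE_TIMEOUT = 3 * 3600  # seconds; PIX default "timeout xlate 3:00:00"

@dataclass
class XlateModel:
    """Toy model of identity NAT (nat 0) xlate handling; not PIX code."""
    static_hosts: set = field(default_factory=set)  # pinned by "static"
    xlates: dict = field(default_factory=dict)      # inside host -> last use

    def outbound(self, inside_host, now):
        """Inside host sends first: nat 0 builds or refreshes its xlate."""
        self.xlates[inside_host] = now

    def _has_xlate(self, host, now):
        if host in self.static_hosts:
            return True  # static entries never idle out
        last = self.xlates.get(host)
        if last is not None and now - last >= XLATE_IDLE_TIMEOUT:
            del self.xlates[host]  # idle timer expired
            last = None
        return last is not None

    def inbound(self, inside_host, now, acl_permits=True):
        """Outside host initiates towards an inside host."""
        if not acl_permits:
            return "deny: acl"
        if not self._has_xlate(inside_host, now):
            return "drop: no xlate"
        if inside_host in self.xlates:
            self.xlates[inside_host] = now  # traffic resets the idle timer
        return "pass"

    def clear_xlate(self):  # same intent as the "clear xlate" command
        self.xlates.clear()

def scenario():
    host = "192.0.2.10"  # constructed inside address (RFC 5737 range)
    fw, seen = XlateModel(), []
    seen.append(fw.inbound(host, now=0))      # outside pings first
    fw.outbound(host, now=10)                 # inside host pings out
    seen.append(fw.inbound(host, now=20))     # outside pings again
    seen.append(fw.inbound(host, now=20 + XLATE_IDLE_TIMEOUT))  # after idle
    fw.static_hosts.add(host)                 # static identity entry added
    fw.clear_xlate()
    seen.append(fw.inbound(host, now=20 + XLATE_IDLE_TIMEOUT))
    return seen

if __name__ == "__main__":
    print(scenario())
```

The second and third results match the symptom in the question: inbound pings succeed only while an xlate built by earlier inside-initiated traffic still exists.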