PIX solaris and Windows

  1. hi folks,

    I have a pix 501 which separates 2 networks, 1 network =
    (inside) the other network is (outside).

    I have both solaris,windows and linux boxes on the outside, I have only
    windows boxes on the inside.

    I have no NAT on PIX and am using only access rules. The access rules I have

    (from inside to outside) "icmp" from with a destination of is allowed
    (from outside to inside) "icmp" from ANY with a destination of
    is allowed

    now with these rules in effect the following happens...

    from the outside...
    Windows boxes and linux boxes on the outside can ping any inside windows box
    Solaris boxes can only ping outside boxes, they can't ping anything inside

    from the inside...
    Windows boxes can ping all solaris, windows and linux boxes

    What I've noticed...
    If I ping from host to solaris box I get a
    response, then if I ping from solaris box to windows box I get a response, this is the only time it works, it's as if NAT
    is stopping transmission.

    is this a solaris issue or a PIX issue??

    anyone please help

    The xlate with nat 0 is built as the first packet goes from in to out. Then
    incoming initiated traffic as defined in the acl could use the xlate until
    it times out. If you want to lock the translation table to what nat 0 would

    from memory only

    static (inside,outside) netmask

    then clear xlate
