PDM , messgae : PDM has encountered a firewall configuration
When i try to access the primary pix firewall, I am receiving this message :
http://img154.imageshack.us/img154/5623/pdmhasencounteredzi0.jpg
If I click on the "Configuration" option I would receive the same message
If I click on the "Monitoring" option I would receive the same message as well
Regards
http://img154.imageshack.us/img154/5623/pdmhasencounteredzi0.jpg
If I click on the "Configuration" option I would receive the same message
If I click on the "Monitoring" option I would receive the same message as well
Regards
Stupid suggestion but, what happens if you keep hitting 'OK'... atleast 20 or so times?
Oh and have you made any changes to your PIX config lately?
ASKER
[cut]
Oh and have you made any changes to your PIX config lately?
[/cut]
I am not sure if this will affect or not?
https://www.experts-exchange.com/questions/22072536/PIX-525-and-accessing-PDM-within-LAN.html
Oh and have you made any changes to your PIX config lately?
[/cut]
I am not sure if this will affect or not?
https://www.experts-exchange.com/questions/22072536/PIX-525-and-accessing-PDM-within-LAN.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
[cut]
no alias (dmz) 192.168.101.210 192.168.2.10 255.255.255.255
[/cut]
Will that affect the PIX configuration because I am using product device (not experimental one) ?
Regards
no alias (dmz) 192.168.101.210 192.168.2.10 255.255.255.255
[/cut]
Will that affect the PIX configuration because I am using product device (not experimental one) ?
Regards
Yes, it affects the working of pix since you put it in there for a reason. You need to have a workaround for it.
Cheers,
Rajesh
Cheers,
Rajesh
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My curious is that : 192.168.2.10 is Primary domain Controller withing my LAN,(x.x.2.x LAN addresses)
192.168.101.210 is unpingable (timed out),,,, I could not figure out yet , if this PC still exists on our DMZ (x.x.101.x DMZ addresses) or it not ?
If I disabled alias without adding:
static (inside,dmz) 192.168.101.210 192.168.2.10 netmask 255.255.255.255 0 0 dns
Does it make any difference ?
192.168.101.210 is unpingable (timed out),,,, I could not figure out yet , if this PC still exists on our DMZ (x.x.101.x DMZ addresses) or it not ?
If I disabled alias without adding:
static (inside,dmz) 192.168.101.210 192.168.2.10 netmask 255.255.255.255 0 0 dns
Does it make any difference ?
You don't need that, since you already have the static statements in your config. I did check that.
Cheers,
Rajesh
Cheers,
Rajesh
ASKER
[cut]
You don't need that, since you already have the static statements in your config.
[/cut]
Did you mean that I do not need to add the command below:
static (inside,dmz) 192.168.101.210 192.168.2.10 netmask 255.255.255.255 0 0 dns
You don't need that, since you already have the static statements in your config.
[/cut]
Did you mean that I do not need to add the command below:
static (inside,dmz) 192.168.101.210 192.168.2.10 netmask 255.255.255.255 0 0 dns
Zillah,
You already have that in your config (both ways), check your config.
Cheers,
Rajesh
You already have that in your config (both ways), check your config.
Cheers,
Rajesh
ASKER
[cut]
You already have that in your config (both ways), check your config.
[/cut]
Thanks for that, I have found that , no it is working fine.
As far as know that the format for pix static command is :
static (highSecurity, lowSecurity) lowip highip
but in the configuration that I have got (we have got different format)!!!
Please see below :
static (dmz,inside) 192.168.2.10 192.168.101.210 dns netmask 255.255.255.255 0 0
static (dmz,inside) 192.168.2.11 192.168.101.211 dns netmask 255.255.255.255 0 0
Regards
You already have that in your config (both ways), check your config.
[/cut]
Thanks for that, I have found that , no it is working fine.
As far as know that the format for pix static command is :
static (highSecurity, lowSecurity) lowip highip
but in the configuration that I have got (we have got different format)!!!
Please see below :
static (dmz,inside) 192.168.2.10 192.168.101.210 dns netmask 255.255.255.255 0 0
static (dmz,inside) 192.168.2.11 192.168.101.211 dns netmask 255.255.255.255 0 0
Regards
They basically defines from *where* to *where*. Nat is a direction bound stuff.
So the first will be *from* and the second will be *to*
In your above example, the machine is sitting in dmz with an ip address of 192.168.101.210.
But it will look like 192.168.2.10 to all the computers that are *inside*.
Cheers,
Rajesh
So the first will be *from* and the second will be *to*
In your above example, the machine is sitting in dmz with an ip address of 192.168.101.210.
But it will look like 192.168.2.10 to all the computers that are *inside*.
Cheers,
Rajesh