Advertisement

06.21.2007 at 05:02PM PDT, ID: 22650166
[x]
Attachment Details

Pix static only creates xlate in one direction

Asked by accessint in Cisco PIX Firewall

Tags: pix, static

I am having trouble with xlate timeouts on a pix firewall.  I have a static translation from our DMZ network to our INTERNAL network.  I have added and access list which currently allows all icmp and ip traffic in the DMZ interface.  After clearing the xlate, an initial ping from a DMZ host to an INTERNAL host returns a "request timed out".  However, a ping from an internal host to the DMZ host works and after this successful ping the DMZ server is now able to ping the internal host...Until the xlate times out that is.  I thought that the static statement would setup the xlate with traffic going in or out as long as the access-list allows it.  Is this incorrect?
If needed, I can post the pix config.  However, I would need to trim it down quite a bit because of other interfaces and entries that muddy the water.  Thanks in advance,
DannyStart Free Trial
 
Keywords: Pix static only creates xlate in one dire…
Title
1 PIX and xlate problems
2 Pix 515e dmz configuration
3 Problem with Xlate table.
4 PIX 515E.....Proper DMZ setu…
5 PIX
6 PIX - Stuck Xlate
 
Loading Advertisement...
 
[+][-]06.22.2007 at 02:21AM PDT, ID: 19339873

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.22.2007 at 10:28AM PDT, ID: 19343200

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.22.2007 at 10:52AM PDT, ID: 19343380

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.22.2007 at 11:12AM PDT, ID: 19343541

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.22.2007 at 12:26PM PDT, ID: 19344146

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.23.2007 at 01:09AM PDT, ID: 19346878

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.27.2007 at 02:21PM PDT, ID: 19376361

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.27.2007 at 02:42PM PDT, ID: 19376482

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]09.29.2007 at 05:17AM PDT, ID: 19983690

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
[+][-]10.07.2007 at 05:39PM PDT, ID: 20031481

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Cisco PIX Firewall
Tags: pix, static
Sign Up Now!
Solution Provided By: Computer101
Participating Experts: 2
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32