We help IT Professionals succeed at work.

Communication between 2 DMZ hosts on PIX 515E

cruzer8504
cruzer8504 asked
on
Medium Priority
433 Views
Last Modified: 2010-04-08
I am trying to telnet into a router which resides on my DMZ network from a host that resides on a remote DMZ network. The subnet of the DMZ is 192.168.191.0/24 the ip of the router im trying to telnet into is 192.168.191.3. the host i am connecting from is 172.16.3.22 which is connecting via a firewall (the firewall is allowing all IP traffic) plugged into the DMZ at 192.168.191.2. I can ping 192.168.191.3 from 172.16.3.22, however, when i try to initiate a telnet session I get rejected. There are no acl's on the router which are blocking telnet.  Is there something I need to do to allow these 2 dmz hosts to communicate? I believe pix doesn't allow interfaces with the same security level to communicate, is there a way around this?
Comment
Watch Question

Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
Let me see if I get this right:

<Outside
PIX Fw -- >DMZ<-->Router (192.168.191.3)
<Inside       \
                  Firewall (192.168.191.2)
                        \
                      host (172.16.3.22)

Close?

Author

Commented:
Yes, that is correct
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Commented:
if you don't see any "build ups" look for a DENY on the address that you are coming from...
Good Luck...
Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
Are you still working on this? Do you need more information?
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.