Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 234
  • Last Modified:

Testing PIX 506E on existing network causes connectivity failures to servers

I have a PIX 506E that I'm trying to put on my existing network to test my setup and make sure I have everything configured the way it needs to be, but every time I plug it in to the network using the outside interface it causes serious network issues for the other computers on the network specifically my servers.  Pings stop responding and complete connectivity just drops off.

My current network configuration is router>3com firewall>LAN and I'm trying to put the PIX on the LAN with test computers behind it (put it simply I'm trying a firewall (PIX) behind a firewall (3com) to test everything out).  

My first thought was the DHCP server on the PIX was handing out private IPs but DHCP is off on the PIX.  My next thought was a static translation was picking up traffic destined for an existing server's IP that in the end will be behind the PIX, but I don't have any static translations looking to translate current IPs of my servers to private ones behind the PIX.  They're all set up to translate IPs that aren't even used in my current network.

Does anyone have any ideas?  I'd really like to put this on my existing network and check my config rather than just replacing the 3com and deal with it then.

Thanks
0
jshuck3
Asked:
jshuck3
  • 2
1 Solution
 
lrmooreCommented:
Yep. Turn off proxy arp on the outside interface:

sysopt noproxyarp outside
0
 
jshuck3Author Commented:
Is this something I'm going to want to turn back on when I finally take the 3com firewall out of the picture and just use the PIX or is it safe to leave it off all the time?
0
 
lrmooreCommented:
Depends. If you have static NAT entries, you might want to turn it back on in production.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now