• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

Testing PIX 506E on existing network causes connectivity failures to servers

I have a PIX 506E that I'm trying to put on my existing network to test my setup and make sure I have everything configured the way it needs to be, but every time I plug it in to the network using the outside interface it causes serious network issues for the other computers on the network specifically my servers.  Pings stop responding and complete connectivity just drops off.

My current network configuration is router>3com firewall>LAN and I'm trying to put the PIX on the LAN with test computers behind it (put it simply I'm trying a firewall (PIX) behind a firewall (3com) to test everything out).  

My first thought was the DHCP server on the PIX was handing out private IPs but DHCP is off on the PIX.  My next thought was a static translation was picking up traffic destined for an existing server's IP that in the end will be behind the PIX, but I don't have any static translations looking to translate current IPs of my servers to private ones behind the PIX.  They're all set up to translate IPs that aren't even used in my current network.

Does anyone have any ideas?  I'd really like to put this on my existing network and check my config rather than just replacing the 3com and deal with it then.

  • 2
1 Solution
Yep. Turn off proxy arp on the outside interface:

sysopt noproxyarp outside
jshuck3Author Commented:
Is this something I'm going to want to turn back on when I finally take the 3com firewall out of the picture and just use the PIX or is it safe to leave it off all the time?
Depends. If you have static NAT entries, you might want to turn it back on in production.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now