PIX 506e static nat for services

I have a linux box in my dmz that I am trying to allow access to the web server in my private network.  I added the following to my PIX to allow a static nat

My pix outside interface is 172.16.0.9, inside 10.0.0.2

static (inside,outside) 172.16.0.10 10.0.0.10 netmask 255.255.255.255 0 0
access-list outside_access_in permit tcp any host 172.16.0.10 eq www

The linux box IP is 172.16.0.14 on the same network as the pix outside interface.  But when I try and connect using the 172.16.0.10 address I receive a 'no route to host' error.

The route table of the linux box is
172.16.0.0    *                   255.255.254.0   U    0 0 0   eth0
loopback      gentoo          255.0.0.0            UG 0 0 0   lo
default         172.16.0.2    0.0.0.0                UG 0 0 0   eth0

So why am I getting this error?

bdebeliusAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
lrmooreConnect With a Mentor Commented:
The host is local to you, so where are you seeing this error, on the gentoo box, or the PIX?
Do you have proxyarp enabled for the outside interface?
What is the subnet mask on the outside interface of the PIX?
What is the default gateway of the box 10.0.0.10 ?
0
 
bdebeliusAuthor Commented:
I had proxyarp disabled.  Thanks.
0
All Courses

From novice to tech pro — start learning today.