Solved

Access Pix behind pix

Posted on 2004-10-27
264 Views
Last Modified: 2013-11-16
Internet -- PIX1 -- PIX2 -- Private Network

What would I need to do to allow me to access PIX1 pdm from the private network?
0
Question by:bdebelius
    11 Comments
     
    LVL 79

    Expert Comment

    by:lrmoore
    On PIX1, enable http access from the ouside IP of PIX2 (assuming that you use NAT)

    PIX1:
      http server enable
      http x.x.x.x 255.255.255.x inside
    0
     

    Author Comment

    by:bdebelius
    ok that make sense, but then what do I enter in my browser?  The pix1 inside ip?
    0
     
    LVL 5

    Expert Comment

    by:talphius
    Yes - the inside IP of the pix using HTTPS

    i.e. https://192.168.100.1/
    0
     

    Author Comment

    by:bdebelius
    the pix1 inside/pix2 outside are on a 172. network, and the pix2 inside is a 10. network
    0
     
    LVL 79

    Expert Comment

    by:lrmoore
    OK, but how are you doing NAT, or are you?
    You have to tell PIX1 to allow http connections from your IP, whether that be 10. or 172.x, that depends on the answer to the NAT question..
    0
     

    Author Comment

    by:bdebelius
    the 10.x. network on the inside of pix2 is nat'd to the outside interface of pix2 (172.x).
    0
     
    LVL 79

    Accepted Solution

    by:
    OK, then on PIX1, you must have:
      http 172.x.x.x 255.255.0.0 inside

    then from your PC, just go to the PIX1 inside interface IP:
       https://172.x.x.x
            ^^ make sure you use the "s"
    0
     

    Author Comment

    by:bdebelius
    ok thanks.

    0
     
    LVL 79

    Expert Comment

    by:lrmoore
    Did you get it to work?
    0
     

    Author Comment

    by:bdebelius
    yep
    0
     

    Author Comment

    by:bdebelius
    forgot to accept.  here ya go.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Shellfire Box VPN + Lifetime Subscription

    The Shellfire Box easily connects all of your devices, even those that don't offer the possibility to establish a safe vpn connection. Access blocked content and surf safely, no matter where in the world you are located.

    If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
    From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
    Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
    This video discusses moving either the default database or any database to a new volume.

    846 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    5 Experts available now in Live!

    Get 1:1 Help Now