Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 763
  • Last Modified:

Can not access internet through PIX 506

I can see the Pix but can not get through it. I can not ping trace outside port either.  
0
riverraid
Asked:
riverraid
1 Solution
 
bloemkool1980Commented:
Your current configuration and some more details bout what you like to do would help in solving your issue.
0
 
graemeboroCommented:
Have you got the outside interface set up and configured?  Once set up traffic going outbound i.e. higher level security to lower level security is permitted unless you have set up access lists or filtering.

0
 
lrmooreCommented:
>I can not ping trace outside port either
You never will be able to from the inside. By design.

You can't ping anything through the PIX unless you explicitly permit icmp with an access-list
   access-list icmp permit any any
   access-group icmp in interface outside

0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 
LloydSevCommented:
lrmoore is correct in that you will never be able to ping or connect to the outside interface from an inside LAN.  By design.  However this should not stop you from pinging an outside server from an inside server if you have not applied any access lists to it.

The PIX is setup so that after you have ran the initial config, and configured the IP addresses and such, that you should be able to surf the internet from the inside already.

Make sure that the router you have in front of the PIX is set to forward traffic for your internal network to the PIX, and make sure either your PIX or Router is performing NAT.
0
 
alex_yalaCommented:
If your router have a different IP address to your PIX, try ping the router from your internal network.
Then try it from the PIX, try ping the router.

If you can't even do that, check your firewall configuration.

By default, (just recently) the external interface is shutdown out of the box.

Please confirm in the config you have
interface ethernet0 auto shutdown

All you need to do is type in
interface ethernet0 10baset

Good Luck,

Alex.
0
 
lrmooreCommented:
How's it going?  Do you need more information?
Can you close this question?

http://www.experts-exchange.com/help.jsp#hs5

Thanks for attending to this open question.

<-8}
0
 
riverraidAuthor Commented:
i have been out of town and a friend of mine was taking a look at it.  as soon as i talk to him about the progress i will let you know where i am at.
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now