connect outside from inside

Hi,

I have pix 515 and I would like to, from my inside interface, connect to the outside interface. Example if a webserver sits in the dmz I can connect to it via from inside to dmz. I would like to simulate a user that is outside my network and connect through the internet. I would be going out the internet (outside interface) and back in (outside interface) I would like to do this for troubleshooting.

Thanks

Donnie
LVL 12
Donnie4572Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jrc4728Commented:
You'll need to place a machine on the DMZ or somewhere on the internet. Router/Firewall services (NAT specifically) wont allow an internal user to access an internal resource by going out and back in an opened port on the external interface. The address translation confuses things when the source address and the destination machine for the forwarded port are on the same LAN. It wont work.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Donnie4572Author Commented:
Thanks for reply.
ok. You are saying a host with a public ip address outside the pix would work. Right?
jrc4728Commented:
Yes. In order for the port forwarding you have setup to work, you need to be outside the LAN.
nodiscoCommented:
jrc4728 is correct - you cannot achieve this the way you wish.  If it is for testing (lab condition, then setup a private ip outside address, connect a switch and an outside pc in the range and test whatever you wish.  If its a live environment, bite your lip and get the modem out for some dialup fun!  connect to an ISP and get a public IP and then you can test your application
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.