Solved

PIX Config change

Posted on 2007-11-28
9
189 Views
Last Modified: 2010-04-09
I have a PIX 515 running version 6.3(4) of the IOS.
I need to change the IP address of my mail server and there is a line in the config i need to change but can't.
The line is:

static (inside,outside) *external IP* *internal IP* netmask 255.255.255.255 0 0

I need to change the internal IP address but if i try to remove this line or add another it fails on the static word.

Any ideas on how i can edit this line?

Thanks.
0
Comment
Question by:nealerocks
9 Comments
 
LVL 36

Expert Comment

by:grblades
Comment Utility
To remove the line copy and paste it back into the configuration but with the 'no ' keyword infront.
You can then enter the new command with the modifed IP address.
0
 
LVL 28

Expert Comment

by:batry_boy
Comment Utility
Are you in config mode?  Your prompt should look like this:

pixfirewall(config)#

If you have the "#" prompt at the end and it says (config), then you should be able to issue the "no" form of the static command to remove it.  In other words,

no static (inside,outside) *external IP* *internal IP* netmask 255.255.255.255

and then type the static command back in with the new value(s).
0
 
LVL 25

Expert Comment

by:Cyclops3590
Comment Utility
i have to agree with batry_boy.  typically when this happens to me, i'm in a hurry to make a simple change and sometimes forget to put myself in config mode first.
0
 
LVL 12

Author Comment

by:nealerocks
Comment Utility
Thanks for your responses guys.
However i am in config mode and i have tried typing the whole line with "no" in front of it.

It give me an error and the little arrow points to the word static.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
Comment Utility
Try clearing your existing xlates first with the command:

clear xlate

and then try removing it again.  If that doesn't work, I would reload the PIX and try again.
0
 
LVL 12

Author Comment

by:nealerocks
Comment Utility
I tried the clear xlate command but it wont accept it. i tried in config mode and normal mode.
the error is the word clear. is there another command to clear the xlate?
0
 
LVL 12

Author Comment

by:nealerocks
Comment Utility
when i try clear xlate in enable mode the error points to xlate.
i typed clear ? and xlate did not show up in the list of available commands.
0
 
LVL 28

Expert Comment

by:batry_boy
Comment Utility
OK, something weird is going on here...post the output of the "show version" command, please.
0
 
LVL 12

Author Comment

by:nealerocks
Comment Utility
Holy shit, i'm the dumbest person in the world! i had the console cable plugged into the wrong port. that is why the commands were not working. i plugged it into the router by mistake which sits on top of the pix.
sorry guys.

Thanks for your help batry. im going to give you the points because i had the right commands from the beginning, i just noticed the problem when you asked for the show version output.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now