alimohammed72
asked on
pix behind the pix
I have two PIX firewalls.PIX-2 is behind PIX-1.
1. PIX-1 has three interfaces namely outside(142.77.1.1),DMZ(17 2.16.1.1) and FTP(143.77.1.1).
2..PIX-2 has three interfaces namely inside(192.168.9.1),DMZ(17 2.16.1.2) and outside(142.77.1.2).
I like 192.168.9.2 machine from inside network to reach 143.77.1.1 via 172.16.1.1.what are the things I need to do to ge this working.Please highlight all the best options.Thanks in Advance!
1. PIX-1 has three interfaces namely outside(142.77.1.1),DMZ(17
2..PIX-2 has three interfaces namely inside(192.168.9.1),DMZ(17
I like 192.168.9.2 machine from inside network to reach 143.77.1.1 via 172.16.1.1.what are the things I need to do to ge this working.Please highlight all the best options.Thanks in Advance!
ASKER
I have about 5 machines.Can I put static routes on PIX-1 as "route DMZ 143.77.1.1 255.255.255.255 172.16.1.1" ?and put an accesslist on PIX-1 as "acess-list inside permit tcp host 192.168.9.2 host 143.77.1.1" ?Please advise.
As for NAT,FTP and Inside address spaces are on different PIXes.How does it work ?Please give me an example.
Thanks
As for NAT,FTP and Inside address spaces are on different PIXes.How does it work ?Please give me an example.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i will try this recommendation
Another option would be to NAT the FTP segment to the inside non-routable address space (192.168.9.x).