Solved

Configure pix 501 to access outside ip from inside

Posted on 2009-07-06
4
319 Views
Last Modified: 2012-05-07
Ok, so we have a pix 501 firewall.  Inside we have 2 different web servers using 2 outside ip addresses.  I haven't been able to connect to either outside IP form any computer inside the network.  I was able to configure NAT to allow access, but it breaks all other internet access.  If anyone has any insight on how to configure this I would greatly appreciate it.
0
Comment
Question by:bhmahler
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 15

Expert Comment

by:Robert Sutton Jr
ID: 24787018
Could you post a copy of your complete config here please. You can remove/change your Public Ip information for your network before posting it here for your own protection. Thanks in advance.
0
 
LVL 20

Accepted Solution

by:
RPPreacher earned 500 total points
ID: 24787033
This is a pretty common issue

www.example.com is your outside name

When users resolve www.example.com, it resolves to aaa.bbb.ccc.ddd (public address)

The PIX does not allow traffic to hairpin (go out and in on same interface).

Easy solution.  Add DNS zone example.com to your internal DNS server.  Add A record www.example.com to resolve to INTERNAL IP.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 24787581
0
 
LVL 8

Author Closing Comment

by:bhmahler
ID: 31600247
I went ahead and configured it this way.  Thanks
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question