OK if a server has a staticically translated IP address, the IP actually does not exist. When the PIX receives the request for that IP, it translates and forwards information to the inside server. It's sort of like reverse NAT. Knowing this, when a user inside tries to ping that address, they are inside the firewall. The request would have to go outside the firewall for the default route. The PIX is only set to translate the static from inside to outside. The workaround for this is to set up an ALIAS. The Alias takes any internal request for that IP address and tells them the internal IP so they stay inside the firewall. So in short, yes. You can do this ;) Allen ----- Original Message ----- From: "pat" To: Sent: Tuesday, June 19, 2001 10:47 PM Subject: PIX alias command [7:9138] > Hello Everyone: > > Can anybody tell me how this "alias" command works > in PIX. What is the use of it? > I can't ping Inside host from inside machine with > Public IP (mapped through PIX) but I can ping the same > host with private IP. Private IP and public are mapped > on PIX using PIX "static" command. Is this normal..? > Can I make Inside host pingable from inside > machine with Public IP using alias command..? > > Thanks in advance. > > > __________________________________________________ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail > http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=9187&t=9138 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
