Is the outside interface doing DHCP from the ISP with the setroute command. If so, this would mean that your global ip on your outside interface changes. Am I correct to assume this??
"Kevin O'Gilvie" wrote in message news:[EMAIL PROTECTED]... > Dear All, > > Below is my config. > Can someone tell me why ckients on the inside interface cant get to the > internet (browwse, ping, nothing) > Yet show xlate shows clients Pat(ing) to outside address.. > I am so frustrated, dont know whats the issue???!!! > > PIX Version 6.2(2) > nameif ethernet0 outside security0 > nameif ethernet1 inside security100 > nameif ethernet2 dmz security50 > enable password 8Ry2YjIyt7RRXU24 encrypted > passwd 2KFQnbNIdI.2KYOU encrypted > hostname pixfirewall > fixup protocol ftp 21 > fixup protocol http 80 > fixup protocol h323 h225 1720 > fixup protocol h323 ras 1718-1719 > fixup protocol ils 389 > fixup protocol rsh 514 > fixup protocol rtsp 554 > fixup protocol sqlnet 1521 > fixup protocol sip 5060 > fixup protocol skinny 2000 > no fixup protocol smtp 25 > names > pager lines 24 > logging on > logging trap debugging > logging host inside 192.168.0.2 > interface ethernet0 100full > interface ethernet1 100full > interface ethernet2 100full > mtu outside 1500 > mtu inside 1500 > mtu dmz 1500 > ip address outside dhcp setroute > ip address inside 192.168.0.1 255.255.255.0 > ip address dmz 127.0.0.1 255.255.255.255 > ip audit info action alarm > ip audit attack action alarm > pdm history enable > arp timeout 14400 > global (outside) 1 interface > nat (inside) 1 0.0.0.0 0.0.0.0 0 0 > timeout xlate 0:30:00 > timeout conn 0:15:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 > 0:05:00 si > p 0:30:00 sip_media 0:02:00 > timeout uauth 0:05:00 absolute > aaa-server TACACS+ protocol tacacs+ > aaa-server RADIUS protocol radius > aaa-server LOCAL protocol local > no snmp-server location > no snmp-server contact > snmp-server community public > no snmp-server enable traps > floodguard enable > sysopt connection permit-ipsec > sysopt connection permit-pptp > no sysopt route dnat > telnet 192.168.0.2 255.255.255.255 inside > telnet timeout 60 > ssh timeout 5 > dhcpd auto_config outside > terminal width 80 > Cryptochecksum:0d7e04757f9b50f2a77acb163265e3ea > : end > [OK] > > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49760&t=49744 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
