Thanks Ken, this was the solution to my problem... -----Original Message----- From: Claussen, Ken [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 10:26 PM To: Mark Campbell Subject: RE: Pix connection block problem
Static statements will always be active, set one up for each host you would like to access from the outside. see Cisco's site for more info. Ken Claussen MCSE CCNA CCA "In Theory it should work as you describe, but the difference between theory and reality is the truth! For this we all strive" -----Original Message----- From: Mark Campbell [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 9:22 AM To: [EMAIL PROTECTED] Subject: Pix connection block problem Hi Guys, I have a PIX 525 with version 6.1(1) running. We use it to protect our internet mail, web, dns, application etc. etc. servers. I have 6 Ethernet ports, one per subnet and of course the outside interface. My problem is this, if I have to reboot the PIX for whatever reason, all the servers are unreachable from the outside. The only thing that solves this is if I make a connected from every server to the outside. The only thing I can think off is that the firewall needs to build a NAT translation for every outgoing connection even though I use; nat (inside) 0 0.0.0.0 0.0.0.0 0 0 nat (intf2) 0 0.0.0.0 0.0.0.0 0 0 nat (intf3) 0 0.0.0.0 0.0.0.0 0 0 nat (intf4) 0 0.0.0.0 0.0.0.0 0 0 nat (intf5) 0 0.0.0.0 0.0.0.0 0 0 Any ideas on what I can do to resolve this? Thanks, Mark Campbell Network Engineer Siemens Business Services Email - [EMAIL PROTECTED] _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
