mailing list archives
Internal users hitting external NAT address...
From: Daniel Linder <dan_linder () yahoo com>
Date: Wed, 30 May 2001 15:13:50 -0700 (PDT)
(I am re-posting this from a plain text e-mail client to ensure the
text does not have HTML. -- Dan dlinder () iprev com)
I am setting up a test network which currently has a single PIX
firewall and two interfaces (inside, outside). The internal network
is using a private IP range, and the PIX is configured to listen to
multiple external IP addresses and send packets through to the
correct server behind the firewall. This works fine and I can access
the various servers from the Internet with no problem.
Now for the question: I believe I have run into a known limitation
of the PIX firewall that my "internal" workstations can't hit the
outside IP address of the web server and pull up the web page. Has
anyone found a solution to this problem? The customer I have been
working with is not really keen on setting up a split-DNS (which I
have used to get around this in the past). To further add a kink in
the works, I *have* configured this to work in this manner with a
Linux box as the firewall but that solution is not an option here.
I've been searching the archives but I haven't been able to find
anyone who has mentioned this problem. Has anyone found a solution
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
firewall-wizards mailing list
firewall-wizards () nfr com
- Internal users hitting external NAT address... Daniel Linder (May 30)