Re: [cisco-ttl] PIX firewall internal interface'i pingleme problemi

From: cenk tasdan <cenktasdan_at_....>
Date: Wed Jun 08 2005 - 09:11:13 EEST


Merhabalar,

Access-list'i de Conduit'i de denemistim ama 2'sinde de sonuc olumsuz.

PIX versiyonu 6.3.1 ve de maalesef esas pinglemek istedigimiz PIX Cin'de. :) Problem aninda mudahele etmemiz de biraz zor olacak. O nedenle ilk asamada bu versiyon upgrade'ini dusunmuyoruz. Ama sanirim 6.3.1'de de gecerli soylediginiz komut bunu deneyecegim.

Tesekkurler, iyi calismalar,

>
> "Conduit" komutu PIX v7 da kaldirildi. Access List'e
> cevirmen lazim.
> PIX genel olarak bir bacaktan obur bacagini
> ping'lemeye izin vermez. Bu
> sanirim 6.3.3 de " management-access" komutu ile
> degistirildi..
> Senin "management-access outside" yazman gerekiyor
> (access-list yada
> conduit'e ilave olarak !)..
>
> '
>
> ==================================
> Serhat Uslay
> Data Networks Team Leader
> Zurich Financial Services
> Tel; (02) 9995 4945 Cell: 0401 105 485
> Email; serhat.uslay@zurich.com.au
> ==================================
>
>
>
> cenk tasdan <cenktasdan@yahoo.com>
> Sent by: cisco-ttl@yahoogroups.com
> 07/06/2005 11:32 PM
> Please respond to
> cisco-ttl@yahoogroups.com
>
>
> To
> cisco-ttl@yahoogroups.com
> cc
>
> Subject
> [cisco-ttl] PIX firewall internal interface'i
> pingleme problemi
>
>
>
>
>
>
> Merhabalar,
>
> PIX firewall'da outside'dan gelip ic bacagini
> pinglemek mumkun mu? Eger mumkun ise konfigurasyonu
> nasil oluyor bir fikri olan var mi?
>
> icmp permit komutu ile internal interface'ini ping'e
> actim. Hadi bu yetmedi icmp any any hem ic hem de
> dis
> bacagina verdim. Ama yine de pingleyemedim. Debug
> Icmp
> ettigimde ise Echo-Req. geldigini gordum ama
> firewall'dan reply'lar cikmiyordu. Son olarak
> herhalde
> pinglenemiyor. Cisco buna izin vermiyor diye
> dusundum.
>
> Bir fikri olan cozum onerisi olan var mi?
>
> PS1:
> NAT yapilmiyor.
>
> PS2:
> 2 taraf arasinda PIX'lerin onunde duran Routerlar
> arasinda VPN yapiliyor, ve PIX arkasindaki
> networkler
> birbirini sorunsuz pingliyor.
>
> Tesekkurler.
>
>
>
> __________________________________
> Discover Yahoo!
> Use Yahoo! to plan a weekend, have fun online and
> more. Check it out!
> http://discover.yahoo.com/
>
>
>
>
> --
> Cisco Teknik Tartisma Listesi (Cisco-ttl)
>
> Bu listede onerilen degisikliklerin uygulanmasindaki
> tum sorumluluk
> kullaniciya aittir. Liste yoneticileri, oneride
> bulunan liste uyeleri ya
> da
> bu uyelerin calistigi kuruluslar herhangi bir
> sekilde sorumlu
> tutulamazlar.
> Yahoo! Groups Links
>
>
>
>
>
>
>
>
>
>
>
> ----
> This email is intended for the named recipient only.
> It may contain information which is confidential,
> commercially sensitive, or copyright. If you are not
> the intended recipient you must not reproduce or
> distribute any part of the email, disclose its
> contents, or take any action in reliance. If you
> have received this email in error, please contact
> the sender and delete the message. It is your
> responsibility to scan this email and any
> attachments for viruses and other defects.
> To the extent permitted by law, Zurich and its
> associates will not be liable for any loss or damage
> arising in any way from this communication including
> any file attachments. We may monitor email you send
> to us, either as a reply to this email or any email
> you send to us, to confirm our systems are protected
> and for compliance with company policies. Although
> we take reasonable precautions to protect the
> confidentiality of our email systems, we do not
> warrant the confidentiality or security of email or
> attachments we receive.
>
> [Non-text portions of this message have been
> removed]
>
>
                



Discover Yahoo!
Have fun online with music videos, cool games, IM and more. Check it out! http://discover.yahoo.com/online.html
--------------------------------------------------------------------~-> 

--
Cisco Teknik Tartisma Listesi (Cisco-ttl)

Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk 
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da 
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar. 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/cisco-ttl/

<*> To unsubscribe from this group, send an email to:
    cisco-ttl-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
 
Received on Wed Jun 8 10:30:09 2005

This archive was generated by hypermail 2.1.8 : Wed Jun 08 2005 - 10:30:10 EEST