- Posts: 80
- Thank you received: 0
Ping from within PIX to a vitrual ip address
17 years 10 months ago #19269
by zillah
Ping from within PIX to a vitrual ip address was created by zillah
I have got the pix with this configuration :
ip address outside 10.1.1.130 255.255.255.0
ip address inside 192.168.100.1 255.255.255.0
ip address dmz 192.168.101.1 255.255.255.0
static (dmz,outside) 10.1.1.203 192.168.101.203 netmask 255.255.255.255 0 0
static (dmz,outside) 10.1.1.204 192.168.101.202 netmask 255.255.255.255 0 0
static (dmz,outside) 10.1.1.132 192.168.101.221 netmask 255.255.255.255 0 0
static (inside,dmz) 192.168.101.212 192.168.2.12 netmask 255.255.255.255 0 0
All these ip addresses (192.168.101.202/203/221) in the DMZ area are dedicated for different servers in the dmz area
10.1.1.132/203/204/ are virtual (may be this not the proper name) ip addresses mapped to the DMZ area.
10.1.1.132/203/204,,,refer to the ip addresses in the outside zone
192.168.2.12 for the inside server , while 192.168.101.212 is virtual ip address in the DMZ area
From within the PIX itself, when I tried to ping (virtual ip address I could not), while I was able to ping all other ip addresses (dedicated to a device) :
FW# ping 10.1.1.203
10.1.1.203 NO response received -- 1000ms
10.1.1.203 NO response received -- 1000ms
10.1.1.203 NO response received -- 1000ms
FW# ping 10.1.1.204
10.1.1.204 NO response received -- 1000ms
10.1.1.204 NO response received -- 1000ms
10.1.1.204 NO response received -- 1000ms
FW# ping 10.1.1.132
10.1.1.132 NO response received -- 1000ms
10.1.1.132 NO response received -- 1000ms
10.1.1.132 NO response received -- 1000ms
FW# ping 192.168.101.203
ip address for on of the DMZ server
192.168.101.203 response received -- 0ms
192.168.101.203 response received -- 0ms
192.168.101.203 response received -- 0ms
FW# ping 192.168.100.1
ip address for inside interface itself
192.168.100.1 response received -- 0ms
192.168.100.1 response received -- 0ms
192.168.100.1 response received -- 0ms
FW# ping 10.1.1.130
ip address for outside interface itself
10.1.1.130 response received -- 0ms
10.1.1.130 response received -- 0ms
10.1.1.130 response received -- 0ms
FW# ping 192.168.2.12
ip address for inside server
192.168.2.12 response received -- 0ms
192.168.2.12 response received -- 0ms
192.168.2.12 response received -- 0ms
FW# ping 192.168.101.212
virtual ip (may be this is not the proper name)address for DMZ area
192.168.101.212 NO response received -- 1000ms
192.168.101.212 NO response received -- 1000ms
192.168.101.212 NO response received -- 1000ms
ip address outside 10.1.1.130 255.255.255.0
ip address inside 192.168.100.1 255.255.255.0
ip address dmz 192.168.101.1 255.255.255.0
static (dmz,outside) 10.1.1.203 192.168.101.203 netmask 255.255.255.255 0 0
static (dmz,outside) 10.1.1.204 192.168.101.202 netmask 255.255.255.255 0 0
static (dmz,outside) 10.1.1.132 192.168.101.221 netmask 255.255.255.255 0 0
static (inside,dmz) 192.168.101.212 192.168.2.12 netmask 255.255.255.255 0 0
All these ip addresses (192.168.101.202/203/221) in the DMZ area are dedicated for different servers in the dmz area
10.1.1.132/203/204/ are virtual (may be this not the proper name) ip addresses mapped to the DMZ area.
10.1.1.132/203/204,,,refer to the ip addresses in the outside zone
192.168.2.12 for the inside server , while 192.168.101.212 is virtual ip address in the DMZ area
From within the PIX itself, when I tried to ping (virtual ip address I could not), while I was able to ping all other ip addresses (dedicated to a device) :
FW# ping 10.1.1.203
10.1.1.203 NO response received -- 1000ms
10.1.1.203 NO response received -- 1000ms
10.1.1.203 NO response received -- 1000ms
FW# ping 10.1.1.204
10.1.1.204 NO response received -- 1000ms
10.1.1.204 NO response received -- 1000ms
10.1.1.204 NO response received -- 1000ms
FW# ping 10.1.1.132
10.1.1.132 NO response received -- 1000ms
10.1.1.132 NO response received -- 1000ms
10.1.1.132 NO response received -- 1000ms
FW# ping 192.168.101.203
ip address for on of the DMZ server
192.168.101.203 response received -- 0ms
192.168.101.203 response received -- 0ms
192.168.101.203 response received -- 0ms
FW# ping 192.168.100.1
ip address for inside interface itself
192.168.100.1 response received -- 0ms
192.168.100.1 response received -- 0ms
192.168.100.1 response received -- 0ms
FW# ping 10.1.1.130
ip address for outside interface itself
10.1.1.130 response received -- 0ms
10.1.1.130 response received -- 0ms
10.1.1.130 response received -- 0ms
FW# ping 192.168.2.12
ip address for inside server
192.168.2.12 response received -- 0ms
192.168.2.12 response received -- 0ms
192.168.2.12 response received -- 0ms
FW# ping 192.168.101.212
virtual ip (may be this is not the proper name)address for DMZ area
192.168.101.212 NO response received -- 1000ms
192.168.101.212 NO response received -- 1000ms
192.168.101.212 NO response received -- 1000ms
Time to create page: 0.109 seconds