Skip to main content

pix 515E

More
15 years 10 months ago #28844 by Smurf
Replied by Smurf on topic Re: pix 515E

Hi Wayne,

Yes the laptop and pix are directly connected. but no luck with ping at all. There is no ACL at all in the config.


Can you confirm the IP Address of the Pix and Laptop ? Your original post suggests that they are on the same IP Address so want to check if its just a typo.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
15 years 10 months ago #28846 by samisujan
Replied by samisujan on topic Re: pix 515E
The ip address of laptop is 192.168.1.20/24
the ip address of the pix E1 is 192.168.1.1/24
More
15 years 10 months ago #28868 by Smurf
Replied by Smurf on topic Re: pix 515E
Hmm, that should be working ok. Can you provide a complete running-config (remove all passwords) and an IP CONFIG /ALL from your Laptop ?

Regards

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
15 years 10 months ago #28882 by samisujan
Replied by samisujan on topic Re: pix 515E
Here is the config from pix and laptop.

PIX Version 7.0(4)
!
hostname pixfirewall
enable password ********* encrypted
names
!
interface Ethernet0
speed 100
duplex full
nameif outside
security-level 0
no ip address
!
interface Ethernet1
speed 100
duplex full
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet2
speed 100
duplex full
nameif intf2
security-level 10
no ip address
!
interface Ethernet3
speed 100
duplex full
nameif intf3
security-level 15
no ip address
!
interface Ethernet4
speed 100
duplex full
nameif intf4
security-level 20
no ip address

interface Ethernet5
speed 100
duplex full
nameif intf5
security-level 25
no ip address
!
passwd ******** encrypted
ftp mode passive
pager lines 24
logging enable
logging timestamp
logging standby
logging buffered informational
logging trap informational
logging history alerts
logging facility 16
mtu outside 1500
mtu inside 1500
mtu intf2 1500
mtu intf3 1500
mtu intf4 1500
mtu intf5 1500
no failover
no asdm history enable
arp timeout 14400
nat-control
nat (intf3) 0 0.0.0.0 0.0.0.0
nat (intf5) 0 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
no sysopt connection permit-ipsec
telnet timeout 5
ssh timeout 5
ssh version 1
console timeout 0
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect http
inspect ils
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
Cryptochecksum:3f542e611300f73167a94a8cc5c3bdd6

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\KUAMRI SHRESTHA>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : SAMI
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Atheros Wireless Network Adapter
Physical Address. . . . . . . . . : 00-11-F5-D4-39-46

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-40-D0-88-F6-4C
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
More
15 years 10 months ago #28899 by S0lo
Replied by S0lo on topic Re: pix 515E
Na, Can't see whats wrong with it :?. I think it should be working!!. Waiting for Smurf to have his say.

Try this. Connect your laptop directly to another PC or Switch and Ping it from there, if it replies, then the problem is in your Pix. If it doesn't, then the problem is in your laptop. At least you know where to head your attention.

That all assuming your cable it OK.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
15 years 10 months ago #28913 by r0nni3
Replied by r0nni3 on topic Re: pix 515E
I dont see anything weird either. But just to be on the safe side:

interface Ethernet1
speed 100
duplex full

Do you have your network card configured for 100mbit full duplex ? if not you might wanna change the config of the pix to auto.
I dont think this is causing the problem but just have to make sure :p
Currently working as Cisco Engineer at Neon-Networking.

Certifications:
CCNA - Have it
CCNA Security - Have it
CCSP - Almost!!!!
CCIE Security - Not so far away dream
Time to create page: 0.139 seconds