|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
itdweeb99
Guest
|
 Posted: Tue Aug 15, 2006 10:08 pm Post subject: New to cisco |
 |
|
Currently in my run config, I have a section that looks like the
following:
ip classless
ip route 0.0.0.0 0.0.0.0 100.100.100.100
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
no ip http server
I'm very new at Cisco and would like to know how I go about adding a
line to this section. What commands do I need to use? Thanks in
advance!! |
|
| Back to top |
|
 |
|
|
amigan
Guest
|
| Posted: Tue Aug 15, 2006 10:51 pm Post subject: Re: New to cisco |
|
|
enable
config t
<enter your commands>
exit
copy run start
itdweeb99 wrote:
| Quote: | Currently in my run config, I have a section that looks like the
following:
ip classless
ip route 0.0.0.0 0.0.0.0 100.100.100.100
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
ip route 100.100.100.100 255.255.255.255 222.222.222.222
no ip http server
I'm very new at Cisco and would like to know how I go about adding a
line to this section. What commands do I need to use? Thanks in
advance!! |
|
|
| Back to top |
|
|
Chad Mahoney
Guest
|
| Posted: Thu Nov 08, 2007 3:25 am Post subject: Re: New to Cisco |
|
|
KEN wrote:
| Quote: | On Nov 7, 2:05 pm, Chad Mahoney <c...@nospam.mah0ney.com> wrote:
KEN wrote:
The server I am trying to reach is on the PIX network and has that
device set as the default gateway. That was I thought originally was
the problem. The two firewalls are on separate lines and have
separate public interfaces. I am able to get to the outside from
behind the PIX from the server and my machine. I am pretty sure that
the watchguard isn't effecting the other firewall.
Ken,
Try this, issue a 'show xlate' command, it will list current
translations in the NAT table, in the list look for an entry such as:
PAT Global External IP(443) Local 10.0.1.200(443)
This will tell us if it is a NAT issue or an ACL issue
I have port 25, 1045, 1044, 1041, 1040, 1031 but no 80 or 443. Which
could be a problem.
|
Ah!
I assume you have some extra IP address? If so could you try this...
access-list outside_access_in_1 permit tcp any host <Another static IP
address> eq 25
access-list outside_access_in_1 permit tcp any host <Another static IP
address> eq 80
access-list outside_access_in_1 permit tcp any host <Another static IP
address> eq 443
then place these:
static(inside,outside) tcp <Another Static IP> smtp 10.0.1.200 smtp
netmask 255.255.255.255
static(inside,outside) tcp <Another Static IP> 80 10.0.1.200 80 netmask
255.255.255.255
static(inside,outside) tcp <Another Static IP> 443 10.0.1.200 443
netmask 255.255.255.255
access-group outside_access_in_1 in interface outside
Before doing this remove any existing ACL or static statements, also
remove the nat (inside) 0 inside_nat0 statement. |
|
| Back to top |
|
|
|
|
