[c-nsp] PIX route problems - Marr, Joe - net.nether.puck.cisco-nsp

5 messages in net.nether.puck.cisco-nsp[c-nsp] PIX route problems

From	Sent On	Attachments
Marr, Joe	Jan 2, 2005 12:05 am
Ted Mittelstaedt	Jan 2, 2005 5:44 am
Marr, Joe	Jan 2, 2005 10:20 am
Ted Mittelstaedt	Jan 2, 2005 5:22 pm
Lora Ganeva	Jan 3, 2005 6:24 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	[c-nsp] PIX route problems	Actions...
From:	Marr, Joe (jma...@brodart.com)
Date:	Jan 2, 2005 12:05:34 am
List:	net.nether.puck.cisco-nsp

I'm trying to configure the following

I have a Pix525 with 3 physical interfaces. The DMZ interface is configured for VLANS. Only 2 vlans are used, native (matching up to VLAN1 on my switch) is used for my DMZ servers and VLAN 55 is used to connect to a VPN 3005. A /30 is used to number VLAN 55 on the PIX to the private interface on the VPN 3005. A /24 is statically routed from the PIX, pointing to the IP address on private interface for use by various VPN clients.

My problem is that when I try to access anything from the VPN client /24 going to the DMZ interface, I get this error in the firewall log:

%PIX-6-110001: No route to 10.101.0.5 from 10.1.2.2

I can access everything from the VPN on the internal interface, I can't figure out what's misconfigured.

The security setting for the interfaces are configured as follows:

dmz = 50

vpn = 25

Any help will be greatly appreciated.

Joe Marr

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: