请高手帮看看 PIX 515e 配置出了问题
我们公司网络有两IP地址段,都在一个区域网络中,两个路由器对应两个地址段一个地址段是:10.7.131.0 网关10.7.131.111
另个地址段是:10.58.157.0 网关10.58.157.192
我公司买了一台PIX 515e 想换掉 10.7.131.111那一台路由器
我为了测试,给这台PIX 515e 设置了
内网IP:10.7.131.240 255.255.255.0
外网IP:10.58.157.230 255.255.255.0
两接口都接到了公司区域网的交换机上面测试
在区域网内用电脑ping PIX515e的内网ip和外网IP都能ping 通,
但是如果把PIX515e的内网IP设置成网关后就访问不了外网了。
在PIX 515e上能ping 通10.7.131.111 但是ping不通10.58.157.192
我是否哪里配置出了问题。我是菜鸟,高手帮帮忙!
: Saved
:
PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd W5ZuHvaNvH1Iztsd encrypted
hostname Cepix515e
domain-name huaxun
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol ftp 3000
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol http 8080
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 10.58.157.230 255.255.255.0
ip address inside 10.7.131.240 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
no failover
failover timeout 0:00:00
failover poll 15
no failover ip address outside
no failover ip address inside
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 10.58.157.231 10.7.131.165 netmask 255.255.255.255 0 0
conduit permit icmp any any
conduit permit tcp host 10.58.157.231 eq www any
conduit permit tcp host 10.58.157.231 eq 300 any
route outside 0.0.0.0 0.0.0.0 10.58.157.192 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 10.7.131.165 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 10.58.157.0 255.255.255.0 outside
telnet 10.7.131.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:b26ead5e14d45f85cf2545825a75dc82
: end 两个地址段都在一个区域网内,很多机子就是双IP。只是不同的软件用不同的IP。
我的配置有问题吗?还是没有问题,只是不能这么直接放到区域网里面用? 没有人知道吗?郁闷! 画下拓扑图,不然看不懂 其实实在不行的话,不它用 WR ER清了,从新配置就好了,有时候就那么邪门!
页:
[1]
