Setting up PIX535 but no network connection at all

95 pts.
Tags:
Cisco PIX
Firewall management
Firewalls
PIX
PIX 535
I am setting up spare firewall on an old PIX 535. I reset the box to factory default, assign the inside interfact an IP address and use a cross-over cable to for a laptop to connet to PIX.  The problem is I am not able to ping the firewall from the laptop vise versa.  There is no any ACL on the PIX.  What could go wrong?

The PIX is now on 6.3(3). I hate the old IOS.  I am trying to update it to 8.0 but the first thing I need to have is a network access. The inferface is not shutdown and it has an IP address assigned. What could possibly cause the default setting without network access? 



Software/Hardware used:
PIX 535 on 6.3(3)

Answer Wiki

Thanks. We'll let you know when a new response is added.

There could be a bunch of issues.
Have you tested to see if your crossover cable is good?
Have you checked the “show interface” command to see what the interface is reporting?
Have you checked the logs while trying to ping to see if it is rejecting the packet?
Double checked your ips to make sure your laptop and pix are in th same ip range with correct subnet info?

Also, if you post your config on here we might be able to see what is wrong with the setup.

Hope that helps.

Ryan Gunther

http://www.onlinetech.com

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Labnuke99
    I seem to remember that this is default behavior on the device for this IOS. Don't quote me on this, but I think I have seen this before. If you can telnet or SSH to the box, then it is reachable. ICMP is disabled by default.
    32,960 pointsBadges:
    report
  • springman
    Thanks for helping. - The crossover cable is good. Tried a couple of cables already. - show interface says it's up and received 257 packets but all of them are the broadcast packet. Looks like my ping didn't get thru. - logging is disabled by default. I have it enabled. Set logging console, but need to set the level. What level of logging shold I set? I don't like the old IOS. - IPs are in the same subnet. - telnet to pix doesn't work either. Here is the config: ====================== PIX Version 6.3(3) interface ethernet0 auto interface ethernet1 auto interface ethernet2 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security50 enable password 5L9eZV6A9wv9aP67 encrypted passwd 2KFQnbNIdI.2KYOU encrypted hostname wt-firewall domain-name sasaki.local fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 fixup protocol smtp 25 <--- More ---> fixup protocol sqlnet 1521 fixup protocol tftp 69 names pager lines 24 logging on logging console notifications mtu outside 1500 mtu inside 1500 mtu dmz 1500 no ip address outside ip address inside 172.16.1.2 255.255.252.0 no ip address dmz ip audit info action alarm ip audit attack action alarm no failover failover timeout 0:00:00 failover poll 15 no failover ip address outside no failover ip address inside no failover ip address dmz pdm history enable arp timeout 14400 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 <--- More ---> timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local http server enable http 172.16.1.120 255.255.255.255 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable telnet timeout 5 ssh timeout 5 console timeout 0 terminal width 80 Cryptochecksum:14e87e62598e3dc396ccae4a12816122 : end
    95 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following