Cannot ping public ip from internal

Giganews Newsgroups
Subject: Cannot ping public ip from internal
Posted by:  Eddie (h…@macci.com)
Date: 2 Dec 2003

Hello Tech support,

Network are as follows :

10.10.10.3
system B -------|
                |                10.10.10.3  66.70.70.5
system A -----catalyst switch 6500 -------PIX 5** ------Cisco router
2600 -T1--
10.10.10.1      10.10.10.2                                66.70.70.6
66.70.70.7

System A ip : 10.10.10.1  (static mapped to 66.70.70.7)

System B ip : 10.10.10.3

Catalyst 6500  ip : 10.10.10.2

Pix 5** inside ip : 10.10.10.3
Pix 5** outside ip : 66.70.70.5

Cisco router 2600 ip : 66.70.70.6

We use static cmd in Pix to map the internal ip of system A
(10.10.10.1) to an public IP (66.70.70.7), so, we can connect this
system from outside the internet. Acturally, it is a web server and
user in remote site can get into the web serve by 66.70.70.7 through
internet no problem.

Problem :
System B can only connect to system A by 10.10.10.1 but not 66.70.70.7

System B cannot even ping system A by 66.70.70.7

Telnet to Pix and cannot ping 66.70.70.7 from the pix. Pinging to
10.10.10.1 is fine.Pinging to 66.60.60.6 is fine.

Telnet to Route 2600, pinging to 66.70.70.7 is fine.

Only one Vlan is use and system A and system B are in that vlan.

System A can ping any public ip in internet an any private ip in the
lan.

Pix is running os ver 5.2(4).

Do a tracert from system B to 66.70.70.7, it only show the first hop
to 10.10.10.2 (the MFSC in catalyst 6500) and the rest is just *.

We need to be able to access system A from system B by the public IP.
Have any ideas ?

Best Regards
Eddie

Replies