2006-03-23
The east coast office move was a success. I wrote the PIX commands that they would need to run once they powered on the PIX and consoled in. I made one minor goof that held things up for about 10 minutes while I figured out what was missing. I removed the inbound access-list lines and added them back in using the new external address. That seemed easy enough when I planned it ahead of time. The one thing that I forgot about was that as soon as you remove the last access-list entry, when you rebuild the access-list you also need to reapply them to the (external in this case) interface using the access-group command. One lousy line that was overlooked caused a bit of confusion...but at least I should remember this in the future. Hopefully this help anyone else out there that aren't Cisco experts already.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment