Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
283
Views
0
Helpful
2
Replies

Issues getting Pix 506 and Cisco 800 working together

Rex Biesty
Level 1
Level 1

‎05-31-2007 02:11 AM - edited ‎03-11-2019 03:23 AM

Hi.

We have a Cisco 800 Broadband router/modem in place providing ADSL broadband connectivity for a small site (acting as the default gateway) but no firewall. I know the 800 has a built in firewall (currently disabled) but the customer has already bought a Cisco Pix 506 firewall and wants it implemented. I have a few questions.

- Is it worth just using the firewall on the 800 instead? Does it provide the same features as the Pix? (customer requires remote access via VPN client and hosts an Exchange server)

- If the best solution is implementing the Pix, how best should I wire up and configure both devices.

This customer will also be hosting a web server in the near future so any config will need to be able to accommodate this.

The current config on the 800 use PAT for internal client Internet access and forwards port 25 traffic to their Exchange server.

Also, I've already tried configuring the Pix (inside interface on 800 into outside interface on Pix via an unused switch and making inside interface on Pix the default gateway) and implementing a standard config (attached) but couldn't get it working (could ping internet IP addresses on the Pix but not from a client).

Apologies for the complicated/convoluted nature of this mail - this is a customer I've inherited and I'm trying to make sense of their setup/requirements. This is also my first experience of the 800.

Any help would be greatly appreciated.

Rex

Labels:
21839-pix506config.cfg
21840-800config.cfg
0 Helpful
2 Replies 2

Rex Biesty
Level 1
Level 1

‎06-04-2007 03:55 AM

No takers? I'm just after some general pointers on how best to proceed. Thanks.

0 Helpful

palomoj
Level 1
Level 1

‎06-04-2007 03:32 PM

I have a few questions.

- Is it worth just using the firewall on the 800 instead? IF YOU HAVE A PIX I WOULD USE IT BEHIND THE 800. Does it provide the same features as the Pix? NO. (customer requires remote access via VPN client and hosts an Exchange server) YOU CAN CONFIGURE PIX FOR THIS.

- If the best solution is implementing the Pix, how best should I wire up and configure both devices. 800---PIX---LAN

This customer will also be hosting a web server in the near future so any config will need to be able to accommodate this. SHOULDN'T BE AN ISSUE.

The current config on the 800 use PAT for internal client Internet access and forwards port 25 traffic to their Exchange server. YOU WILL NEED TO DISABLE PAT AND CONFIGURE PIX OUTSIDE WITH THE APPROPRIATE PUBLIC IP. PIX WILL PAT INTERNAL CLIENTS AND IF YOU STILL HAVE ANOTHER USEABLE PUBLIC IP YOU CAN USE IT FOR THE SERVER.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card