Get DSL line to work with Pix outside interface?

Unanswered Question
Jan 22nd, 2008

Hi, I have a Cisco pix 515e (version 7.1). I have a DSL line which is a Cisco 877 router. THE DSL router is working fine on the Internet, but I now want to add the 877 to the Cisco 515 Pix Outside interface and give a few users behind the firewall Internet access.

The 877's IP is 192.168.0.100 and the Pix is 171.20.1.1.

I have added on the Pix a static route of:

route outside 0.0.0.0 0.0.0.0 192.168.0.100 1

I also have on the Pix:

global (outside) 1 interface (what is this?)

nat (inside) 1 171.20.1.0 255.255.255.0

Plus I have added http rules for the inside network to the outside network on port 80/443.

What else should I do?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Mon, 01/28/2008 - 07:52

it sounds like the 877 is set up for NAT, is that correct?

if so, you are better off not NAT'ing as traffic passes through the PIX. Make sure nat-control is not enabled on the PIX, and remove all nat/global/static statements to make this happen.

Make sure the 877 has a route back to the internal network of the PIX.

Actions

This Discussion