Get DSL line to work with Pix outside interface?

Unanswered Question
Jan 22nd, 2008
User Badges:

Hi, I have a Cisco pix 515e (version 7.1). I have a DSL line which is a Cisco 877 router. THE DSL router is working fine on the Internet, but I now want to add the 877 to the Cisco 515 Pix Outside interface and give a few users behind the firewall Internet access.


The 877's IP is 192.168.0.100 and the Pix is 171.20.1.1.


I have added on the Pix a static route of:

route outside 0.0.0.0 0.0.0.0 192.168.0.100 1


I also have on the Pix:

global (outside) 1 interface (what is this?)

nat (inside) 1 171.20.1.0 255.255.255.0


Plus I have added http rules for the inside network to the outside network on port 80/443.


What else should I do?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Mon, 01/28/2008 - 07:52
User Badges:
  • Blue, 1500 points or more

it sounds like the 877 is set up for NAT, is that correct?

if so, you are better off not NAT'ing as traffic passes through the PIX. Make sure nat-control is not enabled on the PIX, and remove all nat/global/static statements to make this happen.

Make sure the 877 has a route back to the internal network of the PIX.

Actions

This Discussion