HO & Restaurants connectivity through PIX 501

Unanswered Question
Sep 14th, 2008


We are a F&B company. We have 06 restaurants currently running and in the next 3 months another 15 will be added. Below are the technical details:

1. Each restaurant will have one PC running a application which will be connected to a server at HO through data circuits.

2. Each restaurant user will also have access to his e-mail and should be able to share files.

3. The data circuits are done through ADSL for each restaurant.


1. The HO lan is running a network with all the static natting done on a pix 501 firewall.

2. There is a DHCP/Domain/Dns/Exchange( and a ISA server( running on the LAN which serves all the users.

3. How do I get users to come on the same LAN? The ISP doesnt recommend bridging and are asking me to assign separate networks for each restaurant.

4. If I do so means changing the configuration on the firewall and I m not well versed with pix so have no idea hwo do i go about adding further subnets to nat. The company doesnt want to invest in new hardware.

5. If the restaurant users need to use email/internet access I need to create NATS on the Pix for the respective subnets. Currently the gateway for is, what will be the gateway If I add further subnets on the pix?

6. Will I be able to work without issues if I use bridging and connect to my LAN from the restaurants?

Please give me your recommendations, attached is the config file of the firewall and network diagram.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Sun, 09/14/2008 - 01:33

in the routers u use the ISA as the next hop as a default gateway then the isa send the traffic to the pix ?

sarfarazkazi Sun, 09/14/2008 - 02:27

Dear Marwan,

All the routers(Data) have the Pix as the gateway. Can I use ISA as the gateway? Then I will need to define these routes on the ISA?


This Discussion