Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Get DSL line to work with Pix outside interface?

Hi, I have a Cisco pix 515e (version 7.1). I have a DSL line which is a Cisco 877 router. THE DSL router is working fine on the Internet, but I now want to add the 877 to the Cisco 515 Pix Outside interface and give a few users behind the firewall Internet access.

The 877's IP is 192.168.0.100 and the Pix is 171.20.1.1.

I have added on the Pix a static route of:

route outside 0.0.0.0 0.0.0.0 192.168.0.100 1

I also have on the Pix:

global (outside) 1 interface (what is this?)

nat (inside) 1 171.20.1.0 255.255.255.0

Plus I have added http rules for the inside network to the outside network on port 80/443.

What else should I do?

2 REPLIES
Silver

Re: Get DSL line to work with Pix outside interface?

You will have to NAT the traffic flowing through the PIX as PIX will drop the traffic if a NAT rule does not exist. Following link may help you

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00804619d8.shtml

Gold

Re: Get DSL line to work with Pix outside interface?

it sounds like the 877 is set up for NAT, is that correct?

if so, you are better off not NAT'ing as traffic passes through the PIX. Make sure nat-control is not enabled on the PIX, and remove all nat/global/static statements to make this happen.

Make sure the 877 has a route back to the internal network of the PIX.

147
Views
0
Helpful
2
Replies