Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Issues getting Pix 506 and Cisco 800 working together

Hi.

We have a Cisco 800 Broadband router/modem in place providing ADSL broadband connectivity for a small site (acting as the default gateway) but no firewall. I know the 800 has a built in firewall (currently disabled) but the customer has already bought a Cisco Pix 506 firewall and wants it implemented. I have a few questions.

- Is it worth just using the firewall on the 800 instead? Does it provide the same features as the Pix? (customer requires remote access via VPN client and hosts an Exchange server)

- If the best solution is implementing the Pix, how best should I wire up and configure both devices.

This customer will also be hosting a web server in the near future so any config will need to be able to accommodate this.

The current config on the 800 use PAT for internal client Internet access and forwards port 25 traffic to their Exchange server.

Also, I've already tried configuring the Pix (inside interface on 800 into outside interface on Pix via an unused switch and making inside interface on Pix the default gateway) and implementing a standard config (attached) but couldn't get it working (could ping internet IP addresses on the Pix but not from a client).

Apologies for the complicated/convoluted nature of this mail - this is a customer I've inherited and I'm trying to make sense of their setup/requirements. This is also my first experience of the 800.

Any help would be greatly appreciated.

Rex

2 REPLIES
Community Member

Re: Issues getting Pix 506 and Cisco 800 working together

No takers? I'm just after some general pointers on how best to proceed. Thanks.

Community Member

Re: Issues getting Pix 506 and Cisco 800 working together

I have a few questions.

- Is it worth just using the firewall on the 800 instead? IF YOU HAVE A PIX I WOULD USE IT BEHIND THE 800. Does it provide the same features as the Pix? NO. (customer requires remote access via VPN client and hosts an Exchange server) YOU CAN CONFIGURE PIX FOR THIS.

- If the best solution is implementing the Pix, how best should I wire up and configure both devices. 800---PIX---LAN

This customer will also be hosting a web server in the near future so any config will need to be able to accommodate this. SHOULDN'T BE AN ISSUE.

The current config on the 800 use PAT for internal client Internet access and forwards port 25 traffic to their Exchange server. YOU WILL NEED TO DISABLE PAT AND CONFIGURE PIX OUTSIDE WITH THE APPROPRIATE PUBLIC IP. PIX WILL PAT INTERNAL CLIENTS AND IF YOU STILL HAVE ANOTHER USEABLE PUBLIC IP YOU CAN USE IT FOR THE SERVER.

164
Views
0
Helpful
2
Replies
CreatePlease to create content