This past weekend I had an opportunity to try and test the switch and firewall at home on my DSL line.
The aim was to see if I could get the PIX to work with my ADSL modem/connection normally.
First attempt was to put my DSL modem into Bridged state so it would pass the IP address from the ISP to the PIX. After following the instructions from the manufacturer to enable the bridged mode on the modem, the PIX eventually got the IP address from the ISP. However, I didn't get any kind of connection outwards whatsoever.
I had both the switch and firewall pointing all traffic towards the outside interface of the firewall. I had my ISP's DNS servers' IP addresses configured and I had allowed this traffic from the network.
Has anyone got any past experience of using a simple DSL modem in front of a PIX as a means to connect to the internet? Are there some specific things I need to configure in the PIX to allow the connection to work properly?
I did try another scenario where the modem was working in its default state (Routing). With this I got the connection working pretty flawlessly. I could access sites outside my network and could use services that I had enabled in the PIX access-lists. Only, if I'd use this setup in the end, I would have to use some port forwarding to get certain connections all the way to my inside network, which in itself ain't a problem.
To sum it up, I'm asking:
1.) Are there some specific things I need to allow on the PIX outside interface to get it working with my ISP and the DSL modem that is in Bridged mode, passing the IP directly to the PIX?
(I had some constant UDP traffic/requests blocked on the outside interface. The IP address range was from the ISP, I think, but the port was UDP/778, which is unknown to me at least.)
2.) Is using the modem in Routing mode in front of the PIX in any way a bad practice? Since I got it working this way, I'll probably end up using it if I can't correct the behaviour of my original setup.
Any suggestions and advice on the above matters are highly appreciated.