Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
694
Views
0
Helpful
5
Replies

Internet Access, PIX firewall Catalyst 2960

sbsi_cisco
Level 1
Level 1

‎06-19-2007 09:21 AM - edited ‎03-05-2019 04:49 PM

Hello,

I had a question regarding a PIX 506e firewall and a Catalyst 2960 switch and setting up internet access. Everything worked fine before I decided to subnet the internal network, I had it set up so the internet can be used and RDP can be passed through the firewall, ever sense I decided to subnet the network, I can still get RDP to pass through the firewall but I can not connect to the internet inside the network. Any advice would be much appreciated, thanks in advance!

Greg LePage

Labels:
0 Helpful
5 Replies 5

pstebner1
Level 1
Level 1

‎06-19-2007 10:57 AM

Hi Greg-

It sounds like maybe you need an internal route on your PIX. How did you subnet, and what is the topology of your network?

Paul

0 Helpful

sbsi_cisco
Level 1
Level 1
In response to pstebner1

‎06-19-2007 01:41 PM

Here is the scenario, I will try to describe it the best I can without confusing anyone. The current network I am building has been sub netted to the following;

Domain Controller 1: 192.168.7.5 / 255.255.255.240

Domain Controller 2: 192.168.7.6 / 255.255.255.240

Terminal Services 1: 192.168.7.7 / 255.255.255.240

Terminal Services 2: 192.168.7.2.8 / 255.255.255.240

Encrypted File System: 192.168.7.9 / 255.255.255.240

On the terminal services I am using both the NICs to segment the network, so therefore they use the IP/SUB 192.168.7.20 / 255.255.255.240 & .21

I set up the PIX firewall to allow RDP connections to both TS1 and TS2. Now the issue I am having, is before I sub netted the network I could get both RDP connections and internet connections inside the internal network, however after doing what I described above I can still RDP into the network from the outside, but I can?t use the internet while inside. It?s weird because as soon as I change the subnet back to 255.255.255.0 the internet works.

Sorry if this was confusing and thanks for your help!

-Greg LePage

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to sbsi_cisco

‎06-19-2007 01:45 PM

are your newly created subnets properly nat-ted for outbound internet access in the firewall?

Jorge Rodriguez
0 Helpful

sbsi_cisco
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎06-19-2007 01:48 PM

??? Could you please clarify ???

0 Helpful

pstebner1
Level 1
Level 1
In response to sbsi_cisco

‎06-19-2007 02:24 PM

You would have:

global (outside) 1 interface

nat (inside) 1 192.168.7.0 255.255.255.240

If you have this already, please post a config if you can.

HTH,

p

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card