Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

CLIENT --- PIX ----- ROUTER ----- ISP

Hi,

I have a Cisco 827 with a static IP and i want to configure it without NAT. I want all NAT to be done by the PIX. If i remove the NAT feature im not able to access the internet. Here's my setup:

ROUTER

external ip - 66.10.71.93 (provided by my ISP)

inside ip - 10.0.1.254

gateway - 66.10.71.1 (provided by my ISP)

Pix

external - 10.0.1.1

internal - 192.168.1.254

client

192.168.1.****

Here is my router config:

ip subnet-zero

no ip finger

no ip domain-lookup

ip name-server 66.10.71.124

ip name-server 66.10.71.123

!

ip dhcp pool CLIENT

network 10.0.1.0 255.255.255.0

default-router 10.0.1.254

dns-server 66.10.71.124 66.10.71.125

domain-name gatekeeper.com

!

no ip dhcp-client network-discovery

bridge irb

!

!

!

interface Ethernet0

description Inside Interface to the 10.0.1.0/24 Network

ip address 10.0.1.254 255.255.255.0

ip nat inside

!

interface ATM0

no ip address

ip nat outside

no atm ilmi-keepalive

pvc 0/35

encapsulation aal5snap

!

bundle-enable

dsl operating-mode auto

bridge-group 1

!

interface BVI1

description Outside Interface to the 66.114.71.0/24 Network

mac-address 0041.5678.d4584

ip address 66.114.71.93 255.255.255.0

ip nat outside

!

ip classless

ip route 0.0.0.0 0.0.0.0 66.114.71.1

ip route 66.114.71.1 255.255.255.255 BVI1

no ip http server

!

ip nat pool CLIENT 66.114.71.93 66.114.71.93 netmask 255.255.255.0

ip nat inside source list 100 pool CLIENT overload

access-list 100 permit ip 10.0.1.0 0.0.0.255 any log

bridge 1 protocol ieee

bridge 1 route ip

banner motd ^C

1 REPLY

Re: CLIENT --- PIX ----- ROUTER ----- ISP

Often times complex troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

109
Views
0
Helpful
1
Replies
CreatePlease to create content