Hi all, Im new to using pix but I have managed to source one at home, a pix 501, I have a dsl internet connection on my cisco soho router, Can anyone please tell me simple steps in setting this pix up for internet access ?, configs and what needs plugging where would be helpful.
Thanks a million
If its a brand new pix 501 it should already have a default config that will allow you to plug it into a dsl or cable modem that is issueing DHCP. It then should allow you to connect a pc on the inside lease a DHCP address from the pix and allow you access out.
To make any more changes you can either use pdm or cli. I recommend PDM for anyone not confortable with CLI. If you post your cli config I can tell you if its setup with the default config or not. For more information go to cisco's learning connection:
or go to the pix area and look at the documentation on the right side:
the first question is whether you would prefer the public ip to be assigned on the router as before, or on the pix.
the pros to assign the public ip on the pix is that you will only need to play with a single device in the future, and you don't need to login to the soho for any change.; the cons is that a little bit more configuration needs to be completed.
personally, i would assign the public ip on the pix. it requires to re-configure the soho to run in bridging mode as opposed to the typical routing mode, and configure pppoe (optional) on the pix if required by the isp.
below are the sample codes for router running in bridging mode:
no ip address
no ip route-cache
hold-queue 100 out
no ip address
no ip route-cache
no atm ilmi-keepalive
dsl operating-mode auto
ip http server
bridge 1 protocol ieee
below are the sample codes for pix with pppoe:
ip address outside pppoe setroute
ip address inside 192.168.1.1 255.255.255.0
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
vpdn group pppoe_group request dialout pppoe
vpdn group pppoe_group localname
vpdn group pppoe_group ppp authentication chap
Thanks for being so Helpful, I have someone here who is a CCIE, he says you dont need to run the routers in bridging mode, my other question is if I put my isp WAN ip on the pix, what ip addresses would I give my router as I thought this is already pulling in the wan ip to the dialler interface ?
this is exactly why it is needed to re-configure the router running in bridging mode, which has no ip address on any interface. thus the only way to connect to the router afterwards is console.
as mentioned in my previous post, this is not necessary. you may deploy the pix without any public ip.
internet <--> (public ip) router (192.168.1.1) <--> (192.168.1.2) pix (192.168.100.1) <--> 192.168.100.0
however, you would need to play with both device for any future changes.
just wondering if you are referring to the one with router in bridging mode, and pix with pppoe. if so, they are already posted. please read my first post.
pppoa is over atm interface; whereas pppoe is over ethernet. pix has no atm interface, thus it supports only pppoe.
these days both pppoe and pppoa should be supported at the isp end, at least in australia.
please excuse me for not being able to explain the concept well.
dsl is still connected to the router atm interface, and that is exactly why the router needs to be re-configured in running bridging mode.
thx for the reply, will i still be using pppoa on my dsl interface and will this still bring up the connection via a dialler and access list ?