Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Multiple internal subnets need internet access thru a PIX501

I have an internal network consisting of several subnets (on different vlans) that all need to access the internet thru a single cisco PIX501. These are the inside networks:

192.168.1.0

192.168.2.0

192.168.3.0

The outside network is 192.168.0.0

The PIX is address 192.168.1.254. The internal networks are routed thru a layer 3 Catalyst 3550, and I know the packets are being routed to the PIX properly. However only computers on the same network as the PIX (192.168.1.0) are getting to the internet. The other networks packets are being dropped.

I tried creating outbound ACLs but only managed to stop outbound traffic on all the networks by doing so. I am assuming I don't understand what I need in the outbound access list.

Could someone clue me in on what I need in my PIX configuration?

Thanks

John

2 REPLIES
Bronze

Re: Multiple internal subnets need internet access thru a PIX501

You have to check your subnet mask in the insdie and outside network. As the 3rd octet has been subnetting for inside network.

Re: Multiple internal subnets need internet access thru a PIX501

You need to create a combination of NAT and Global statements allowing traffic from the inside networks to be NATed out to the Internet. Also make sure your access-list applied to your inside interface allow traffic from the internal subnets to any on port 80

... If you like please post the config and I will have alook for you

182
Views
0
Helpful
2
Replies
CreatePlease to create content