04-12-2006 08:43 AM - edited 03-09-2019 02:35 PM
I have an internal network consisting of several subnets (on different vlans) that all need to access the internet thru a single cisco PIX501. These are the inside networks:
192.168.1.0
192.168.2.0
192.168.3.0
The outside network is 192.168.0.0
The PIX is address 192.168.1.254. The internal networks are routed thru a layer 3 Catalyst 3550, and I know the packets are being routed to the PIX properly. However only computers on the same network as the PIX (192.168.1.0) are getting to the internet. The other networks packets are being dropped.
I tried creating outbound ACLs but only managed to stop outbound traffic on all the networks by doing so. I am assuming I don't understand what I need in the outbound access list.
Could someone clue me in on what I need in my PIX configuration?
Thanks
John
04-18-2006 11:10 AM
You have to check your subnet mask in the insdie and outside network. As the 3rd octet has been subnetting for inside network.
04-18-2006 04:23 PM
You need to create a combination of NAT and Global statements allowing traffic from the inside networks to be NATed out to the Internet. Also make sure your access-list applied to your inside interface allow traffic from the internal subnets to any on port 80
... If you like please post the config and I will have alook for you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: