Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
450
Views
0
Helpful
6
Replies

Newbie PIX user- NAT, PAT, both?

Go to solution
moconnor
Level 1
Level 1

‎01-12-2004 01:28 PM - edited ‎02-20-2020 11:11 PM

Hi,

I am test configuring my PIX 515e befre I make my users' lives living hell, and I am not sure do I NAT PAT or both.

I have a internet connection by means of a cable modem that is currently hooked to a Linksys router. I am going to say goodbye to the Linksys and use only the PIX.

So my question is do I need to NAT or PAT from the outside to the inside, and do I need to NAT or PAT from the inside out? To make things more complicated what do I do with my DMZ?

A side not I currently use the linksys to port forward MS remote desktop to an inside workstation, can I still do that?

Thanks for any help anyone has.

Marc

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jmia
Level 7
Level 7
In response to moconnor

‎01-13-2004 04:44 AM

Hi Marc,

The document that you need is:

http://www.cisco.com/warp/public/707/28.html

Hope this helps and let me know if you need further info/help and good luck with CCNA.

Thanks - Jay.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
wferrell
Level 1
Level 1

‎01-12-2004 03:37 PM

Marc

Im really worried of your efforts with the PIX. It is not an easy tool to learn and can be destructive if deployed wrong.

please hire a consultant to protect your assets

William Ferrell

IA WAN Eng., CCNP, CISSP

WaizComm-PCNets.net

0 Helpful

Go to solution
moconnor
Level 1
Level 1
In response to wferrell

‎01-13-2004 04:38 AM

Will,

I appreciate your concern, but I am currently studying for my CCNA, and trying to learn as many Cisco products as I can. To reassure you, the network it is going on is a complete test network, but i have a few people who are my willing test subjects.

0 Helpful

Go to solution
jmia
Level 7
Level 7
In response to moconnor

‎01-13-2004 04:44 AM

Hi Marc,

The document that you need is:

http://www.cisco.com/warp/public/707/28.html

Hope this helps and let me know if you need further info/help and good luck with CCNA.

Thanks - Jay.

0 Helpful

Go to solution
moconnor
Level 1
Level 1
In response to jmia

‎01-13-2004 05:39 AM

Jay,

Thats the document I need. No matter how long I search through the site it seems that I miss the one doc, that tells me what I need.

0 Helpful

Go to solution
sgamer
Level 1
Level 1

‎01-12-2004 03:57 PM

You'll want to do something similar to:

NAT (inside) 1 0.0.0.0 0.0.0.0

GLOBAL (outside) 1 interface

This will take any connection on the inside and translate it to the IP address of the outside interface (PAT).

Assuming your cable provider uses DHCP, you'll want to configure your outside address similar to:

ip address outside dhcp setroute retry

"dhcp" obviously gets an address, etc.

"setroute" sets the default route

"retry" by default retry dhcp 4 times and is configurable

As for "port forwarding" I think I've heard that the PIX has that capability but have not tried it. If the outside interface is dependant on dhcp this probably isn't the best way to go. You might want to get some static addresses from your provider. Either way, allowing remote desktop kind of defeats the purpose of the PIX.

0 Helpful

Go to solution
moconnor
Level 1
Level 1
In response to sgamer

‎01-13-2004 04:40 AM

Thanks for the direction, after 8 hours of reading I cleared up a lot of my NAT/PAT confusion. Going to keep plugging away.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card