Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 501 Functionality - Is this possible ??

I have a PIX 501 and need to see if it would be possible to insert this into the edge of an existing network to "limit" access into the existing network.

To detail, there is a T1 connected to a Cisco 1720. This T1 is connected to a HP switch which is then connected to a small network. This is Network 1.

Network 2 is the existing Enterprise environment and will have the small Network attached via a 4600 in the IDF.

With a PIX 501 having only 1 internal interface, how could I configure all of these components so as to allow "some" access into the Enterprise network for printing etc but not as a backdoor for internet access/full network access.

Any help including exemples would be greatly appreciated.


Re: PIX 501 Functionality - Is this possible ??

It is possible to control the flow using the PIX firewall to a great degree. Actually, resticting traffic is exactly what the PIX is designed for. Based on what I understood of your setup, you could establish a VPN tunnel between the 1720 and the PIX. The remote end VPN endpoint (1720) could send all the traffic to the central site PIX. Next use access lists to define exactly what traffic goes where. To see PIX firewall configuration examples, please see