Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Pix 501 Problem

I can not configure a pix 501 like a firewall, i need to know if it comes with a default configuration. I connect the PIX to the LAN and it start´s to DHCP every machine on the network with no problem, but none of the user´s can access the internet.

i need to know what should i do to get access to the internet and security protection to the network.

Where can i get information to configure the Pix if i realy need to configure it!!!

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Pix 501 Problem

Hi ... basically you need the following basic steps to get your internal users access to the internet

If you are using PIX 6.3(5)

interface ethernet0 100full

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

access-list inside_access_in permit ip any any

access-group inside_access_in in interface inside

nat (inside) 1 access-list inside_access_in

global (outside) 1 interface

NOTE: with the ablove piece of config your internal users will have FULL acccess to the internet. If you want to restrict acccess to only http, https, ftp, dns ..etc then you need to modify the access-list to something like this ..

access-list inside_access_in permit tcp any any eq www

access-list inside_access_in permit tcp any any eq 443

access-list inside_access_in permit tcp any any eq ftp

access-list inside_access_in permit tcp any any eq 53

access-list inside_access_in permit udd any any eq 53

I hope it helps ... please rate it if it does !!!

7 REPLIES

Re: Pix 501 Problem

Hi ... basically you need the following basic steps to get your internal users access to the internet

If you are using PIX 6.3(5)

interface ethernet0 100full

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

access-list inside_access_in permit ip any any

access-group inside_access_in in interface inside

nat (inside) 1 access-list inside_access_in

global (outside) 1 interface

NOTE: with the ablove piece of config your internal users will have FULL acccess to the internet. If you want to restrict acccess to only http, https, ftp, dns ..etc then you need to modify the access-list to something like this ..

access-list inside_access_in permit tcp any any eq www

access-list inside_access_in permit tcp any any eq 443

access-list inside_access_in permit tcp any any eq ftp

access-list inside_access_in permit tcp any any eq 53

access-list inside_access_in permit udd any any eq 53

I hope it helps ... please rate it if it does !!!

New Member

Re: Pix 501 Problem

I should use this configuration just as it is? should i apply any changes? What mean`s the under score in the configuration that you sent me?

New Member

Re: Pix 501 Problem

I don`t know what im doing wrong, i will aprecciate any word of advise!!!!

i still can get no internet, the situation persist.

Re: Pix 501 Problem

Sorry .. I was off-line for a couple of days .. are you still having the problem ..? the config you post it .. unreadable ... can you maybe copy and paste it to word.

Re: Pix 501 Problem

hey ... wait a minute ... do you have another device in front of the PIX ..? the outside interface of your PIX has a private address ..? Is your PIX connected to an ADSL modem .. or something like that ..?

New Member

Re: Pix 501 Problem

Yes my dear friend, There is an cisco router 3841, i solved the problem with the Firewall, i just had to configure a default gateway!!!! that was parameter that was missing. But your advise was very helpfull.

Best Regards!!!!

Re: Pix 501 Problem

great news ...

103
Views
0
Helpful
7
Replies
CreatePlease to create content