Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX501 config troubleshooting

Newbie having trouble getting internet access through a Action1520 router, need someone to help please. Here's the config at the moment, anything wrong?

name 66.xx.xx.0 HomeOffc

name 10.10.4.108 JetDirect

access-list inside_outbound_nat0_acl permit ip 10.10.4.0 255.255.255.0 Corp_Net 255.255.255.0

access-list outside_cryptomap_20 permit ip 10.10.4.0 255.255.255.0 Corp_Net 255.255.255.0

access-list outside_access_in permit ip Corp_Net 255.255.255.0 any

access-list outside_access_in permit ip host 216.xx..66.4 any

access-list outside_access_in permit ip host 10.10.11.42 any

pager lines 24

logging on

mtu outside 1500

mtu inside 1500

ip address outside 10.10.11.42 255.255.255.0

ip address inside 10.10.4.254 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

pdm history enable

arp timeout 14400

global (outside) 1 interface

nat (inside) 0 access-list inside_outbound_nat0_acl

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

static (inside,outside) 216.xx..66.4 JetDirect netmask 255.255.255.255 0 0

access-group outside_access_in in interface outside

route outside 0.0.0.0 0.0.0.0 10.10.11.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

http server enable

http HomeOffc 255.255.255.0 outside

http 10.10.0.0 255.255.0.0 inside

http 216.xx..66.0 255.255.255.0 inside

http 10.10.4.0 255.255.255.255 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet 10.10.0.0 255.255.0.0 inside

telnet 10.10.4.0 255.255.255.0 inside

telnet timeout 5

ssh timeout 5

console timeout 0

1 REPLY
Bronze

Re: PIX501 config troubleshooting

For basic configuration of the PIX firewall and advanced configuration, you could refer to the configuration examples on the PIX support page at http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Hardware:PIX&viewall=true. The document "Configuring and Troubleshooting the Cisco Secure PIX Firewall with a Single Internal Network" should help you troubleshoot and figure out the problem.(http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094ea2.shtml)

176
Views
0
Helpful
1
Replies