Cisco Support Community
Community Member

Unable to connect to internal hosts

Good morning,

I made a change to my home network configuration, where I added a Cisco 1600 router between my cable modem and PIX 501, to which my internal hosts are all connected.  (See my discussion post entitled "PIX 501 not talking to Next Hop router for details of that endeavor).  Now that I have that working, I can no longer access my internal hosts from outside.  I use Port Address Translation / Port Overloading in my environment, since I only have a single IP address to share.  When I added the router, I enabled NAT on that device in order to provide internet connectivity.

I still have PAT configured at the PIX; I am wondering if I need to move those definitions over to the router (since it's directly connected to the cable modem)?

Unfortunately I don't have access to the complete, current PIX config at the moment.  But I am attaching the configuration I had in place just prior to the change where I added the router. I've only made a few changes since then.  Please let me know if you have any recommendations, or can point me in the right direction to get this working.

Thank you!



Community Member

Unable to connect to internal hosts

Hi Brian,

I would say remove PAT from PIX and move it to router.

Command to configure PAT on router:-

conf t

int fast 0/0 ----- Inside interface (Where you have inside IP)

ip nat inside


int fast 0/1--- Outside interface (where you have public IP)

ip nat outside


ip access-list ext NAT

permit ip any any


ip nat inside source list NAT interface fast 0/1 overload

Also share config from router and pix in the .txt format, if above solution doesn’t work.

Dont forget to rate this reply.

CreatePlease to create content