Your pix firewall is doing the NAT for 192.168.0.0/24 to 10.0.0.0/24.
You have configured 10.0.0.1/24 in your router onto the outside interface of your firewall which is connected to the router which is also a part of the same subnet.
with the current config until unless you dont have a public ip subnet extended onto your outside interface of your firewall and without doing a nat in router you wont be able to reach the outside world browse internet.
do post out your exact requirement and what exactly you want to do with your setup so that we can suggest accordingly..
ADSL 877 router connecting to internet with PPP dialer, dhcp assigned. Inside network address 10.0.0.2.
The router is connected to the PIX 515e firewall, outside interface address 10.0.0.1.
I would like to browse internet for internal clients connected to the ethernet 1 port of the firewall (internal address 192.168.x.x) with NAT such that the connection is shared.
I would also like to be able to PAT on the firewall so i can run applications which require inbound access (web server, ftp etc) to machines on the internal network. I would like to run the rules on the firewall rather than the 877 router because then i can have dmz and the like.
If i set the pix firewal to NAT (or is it correct to say PAT?) all its traffic onto its external interface, 10.0.0.1, then the 877 doesnt need to worry about any port masquerading and can masquerade the single pix firewall address to the external dhcp assigned address.
Ideally i would like the 877 to act as a PPPoE to PPPoA bridge like i have run in the past with my linksys adsl modem and a suse linux box, with the PIX firewall brinding up the PPPoE connection and providing credentials but i dont think this is possible.
Sorry for the confusion, i hope that clarifies matters. Im sure what im trying to do is not too unique, lots of people must run adsl routers with pix firewalls and still want internal inbound access to make applications run properly.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...