Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Routing in Cisco PIX 515E

Hi All

I have a Cisco PIX 550E firewall I want to setup as a router.

The outside interface (eth0) has IP address, subnet, gatewat

The inside interface (eth1) has IP address, subnet

I was to clear the access list which is defined.

How do I do this? I can login to the PIX on configuration mode. How do I proceed?

Hall of Fame Super Blue

Re: Routing in Cisco PIX 515E


From enable mode

1) "sh access-group". This will show you the interfaces where the access-lists have been applied.

for example

access-group acl_inboud in interface outside

2) From config mode "no acccess-group acl_inbound in interface outside".

This will get rid of the access-list but it is not as simple as that.

For traffic to flow from a lower to a higher level interface you must have an access-list permitting the traffic. in addition you will have present inside addresses to the outside with static NAT.

You also need to take of NAT for hosts on the inside going outbound. In your instance you would probably want to do a nat (inside) 0

The Pix is not really designed to be a router. Is there a reason why you need to do this.



New Member

Re: Routing in Cisco PIX 515E

I need to use the PIX as a router bacause I do not have a router. I was figuring that NATting would work fine for routing.

Hall of Fame Super Blue

Re: Routing in Cisco PIX 515E


Okay. Main differences from a router

1) you have to do something about NAT whether you want it or not.

2) You still need access-list even if it is a "permit ip any any" to go from outside to inside.

Good luck


CreatePlease login to create content