Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cannot ping outside of the firewall

Status
Not open for further replies.
de1458

de1458

MIS
Jan 26, 2002
78
0
0
CA
Hi all,

I am new to PIX FW, my company,only 30 hosts, switch from fractional T1 to Dsl w/static IPs, the PIX works fine for frame relay, but the problem now is the T1 router is removed from outside, the current connection is the PIX direct connect to outside. from the PIX is able to ping any inside and outside host without any problem, but inside hosts is not able to ping outside.
I am search cisco website and not been able to get a sample configuration on the similar situation, direct to ISP w/o a router. so could anyone help or a configuration sample is very welcome and appreciated.
here are some config lines, note the rest of the command are default config from the PIX
-----------------------
ip address outside 66.xx.xxx.14 255.255.255.240
ip address outside 10.100.xx.4 255.255.255.0

global (outside) 1 66.xx.xxx.6-66.xx.xxx.13 netmask 255.255.255.240
nat (inside) 1 0.0.0.0 0.0.0.0

static (inside, outside) 66.xx.xxx.2 10.100.xx.2 netmask 255.255.255.255 0 0
static (inside, outside) 66.xx.xxx.3 10.100.xx.3 netmask 255.255.255.255 0 0

conduit permit icmp any any echo
conduit permit icmp any any echo-relay

route outside 0.0.0.0 0.0.0.0 66.13.137.1 1
route inside 10.100.xx.0 255.255.255.0 10.100.xx.255 1

Thanks,
Dennis
 
Sort by date Sort by votes
You just use the single network setup. The DSL has to go thru a DSL router/modem just use that IP as if it were the router as in the sample setups. Double check your routes the PIX is NOT a router. Hope this helps.
 
Upvote 0 Downvote
Thanks for your reply,
I am aware that PIX does not act/designed to be router, but I was told that the PIX could directly connect to DSL modem without a router in between

Dennis
 
Upvote 0 Downvote
Maybe I wasn't very clear, Yes, you can use PIX without a router. what I meant to say was that whatever your ISP provides for your connection has an IP on it that's the one I'm saying to use in place of the router's ip in the example setup on CCO. Also I'm not sure whether you type the above config by hand ,maybe it's just a typo but in your ip address you have two outside adds. Also your route inside statement unless 10.100.xx.0 the xx is a different subnet your directing traffic back onto to itself. Anyway just my two cents worth..
 
Upvote 0 Downvote
Dennis - have you put your DNS entries in?

dhcp dns xx.xx.xx.xx xx.xx.xx.xx

Regards

Riteon
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
121
nnaarrnn
nnaarrnn
DivemasterBill
  • Locked
  • Question
Cannot connect via the SonicWall Login webpage
Replies
0
Views
42
DivemasterBill
DivemasterBill
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
146
Johnkite
Johnkite
Shmid
  • Locked
  • Question
Hi We´re thinking of enabling Ac
Replies
0
Views
96
Shmid
Shmid
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
52
ISDPCMAN
ISDPCMAN

Part and Inventory Search

Sponsor

Back
Top