hi
I have a pix 515 i need to configure
I will tell u what i have
one global Ip address given by the isp
one gateway ip address given by isp
3 dns ip addresses given by isp
thats all i have
How to configure pix
Please this is urgent help me
The DNS addies go into your desktop. Shouldnt need to have to do anything with them on the PIX. Assuming you have done some config on it already. The default route on the PIX should be the gateway addie your ISP gave you. The Global IP basically allows you to use any IP on the inside of the PIX and that address is translated to the global IP provided by your ISP when you establish a connection outside through the PIX hiding the networks real IP's. just use the command - global (outside interface name) (ip addy) 1 netmask (mask addy)
Not sure what other info u might need drop me an email if you need more help.
My first question is How did you organise a static IP DSL ?
As far as I know this will work
nameif ethernet0 outside security0
nameif ethernet1 inside security100
interface ethernet0 AUTO
interface ethernet1 AUTO
ip address outside <External IP given to u from ISP i.e 195.100.100.212 255.255.255.248>
ip address inside <Internal Ip Address for router i.e 10.1.1.254 255.255.255.0>
<Section to Create DHCP server ignore if clients r static>
dhcpd address 10.1.1.1-10.1.1.20
dhcpd dns <your isp dns 1> <your isp dns 2>
dhcpd wins <wins server of your choice>
dhcpd lease 3000
dhcpd domain yourdomain.com
dhcpd enable
Since you only have one IP address, you'll want to use version 6 of the PIX OS, otherwise you wont be able to do NAT. If you have any machines that need services exposed to the Internet you'll need to setup port forwarding.
Thanks a lot people
First to reaper36, Since i have only one Globalip add i already used that for outside ether card, now which one i will use for the command "global(outside)Can u clarify that to me and also should i use nat or not
csdc, thats a great help but my version is 4.4 and guess it doesnt use dhcpd, we bought it from a liberary and so we dont have cisco support and so there is no opp to download the latest version of the software. and also if u get a BUSINESS DSL U WILL GET A STATIC IP ADDRESS.
You wont be able to do it with only 1 ip addy. The outside int must have an ip within the same subnet range as the router at the isp end to establish the 'loop'. You will have to contact your isp and explain to them what you have and they should (at least they did over here.....) give you another IP.
The PIX will use a kind of NAT, (its actually called Port Address Translation for only 1 IP) automatically when you use the global command i specified in my earlier post with only 1 ip and not a range of them. All it does is basically split the 1 addy into several unique port adresses and allocates 1 to each outbound connection.
Hope that helps you a little more. Keep posting if its not enough we'll get it right eventually!
hi
Thanks again reaper36, i spoke to my isp and they said they cant do anything about it. I want to try version 6 like shoX says but since i dont have a contract, i dont have a cco username and password i am unable to download it. I am at my witts end now, really dont know what to do and this thing has to be up as soon as possible.
Thanks a lot for ur reply
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.