I am absolutely new to Cisco PIX firewalls and need help

[mcsetpo]

I am absolutely new to Cisco PIX firewalls and need help.

The scenario looks like this:

VPN-Client
|
|
Internet
|
|
Cisco ADSL Router, Public IP
|
PIX 501 firewall, 192.168.1.1
|
Windows 2000 IAS-Server (RADIUS), 192.168.1.2

The ISP has configured the ADSL router and PIX 501 firewall.
I have configured the RADIUS server.
The VPN-client is authenticated by the IAS-Server, but is not able to connect to any network resources.
On the VPN-client I se that client IP = 172.16.x.x and Server IP = Cisco ADSL Router Public IP.
I suppose that the error is the client and server IP that is not part of the internal network.

 

[yizhar]

HI.

The pix will need to have a registered public ip address on the outside interface.
Ask your ISP for more addresses.

Using PAT on the ADSL router is the main problem here as you have suspected.

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

 

[mcsetpo]

Hi Yizhar

I don’t get it; do you men that I need more than one public IP address (The public IP on the router)?
Please draw me the picture.

 

[yizhar]

Yes.

The pix outside interface should have a registered public ip address.
Ask your ISP to help you with.

Maybe it is possible with some more router configurations but I think that it won't work and anyway it is not recommended to have 2 NAT devices in a row.

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar