Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 501 - Newbie Help - ADSL

Status
Not open for further replies.
Riteon

Riteon

Technical User
Jan 14, 2002
16
GB
Hi group, I am very new to this and have purchased a pix 501 to protect a small network I manage.

Currently we connect our LAN to Bt Openworld using ADSL with NAT and I wanted to improve the security of our network by putting a PIX501 between our hub and the adsl box.

I have tried plugging the PIX501 via the '0' port to the ADSL box and the 0 light, lights up. I then took a lead out of our hub and placed that into port 1 of the 501 - rebooted the PC's but I couldn't get them to have access to e-mail or the internet.

Existing settings

(Just using the ADSL box and a hub, before I bought the PIX501) my pc and the other pc's defaultly have these settings

1. an ip address of 192.168.254.?? (this varies on reboot) 2. gateway of 192.168.254.254 (always the same)
3. subnet mask 255.255.255.0

What I need to know is how can I change the default settings below so that I can start using the firewall (basically) with my existing network.

In the future (ideally now) I wish to prevent certain PC's on the network having Web access but allow them mail access - but i probably need to understand the basics first. (I suppose I would have to give them static IP addresses if I was to have policies for certain PC's??)

I have enclosed my settings file for you to have a look at:-

clear config all
interface ethernet0 10baset
interface ethernet1 10full
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
nat1 0.0.0.0. 0.0.0.0. 0 0
global 1 interface
http server enable
http 192.168.1.0 255.255.255.0 inside
dhcpd address 192.168.1.2-192.168.1.33 inside
dhcpd auto_config
dhcpd enable inside
pdm logging informational
timeout xlate 0:05:00
write memory
show config

I know that this is a tall order but any advice would be greatly appreciated.

I can access the PIX501 through Hyperterminal and PDM so I've got that far!!!

Thanks in advance

Riteon
 
Sort by date Sort by votes
This reply is late I know but I have only just seen your post. I have spent the last 2 weeks gettign to grips with a PIX 501 in the same scenario as you. I think you will find that the line...

ip address outside dhcp setroute

is not working because the line BT router is more than likely not providing DHCP services.

BT think that their routers provide DHCP but they do not unless you explicitly request this at order time. (MY feelings are that BT actually know very little about their routers or that very little is passed on to the tech support people anyway!).

Assign an outside address thus

ip address outside 192.168.254.xxx 255.255.255.0, this is in the right range of the BT ADSL router and your system should work.

If you have already got your system working well done! I am thinking of returning my PIX!

Cheers.
 
Upvote 0 Downvote
Don't return it. I nearly gave up too, but is has been working for months now. I am very impressed with it. If you need help just let me know. regards. R
 
Upvote 0 Downvote
Riteon,

Tks for prompt reply and glad to know that you are happy.

I will persevere and contact you as offered.

Cheers
 
Upvote 0 Downvote
Hi there Riteon, I current got the same setup as what u had b4 BT adsl router running NAT dynamic IP, and I just cant get my PC's to work thru the pix 501...., please could you tell me the steps u did and the problems to came across... many thankz.. ne response would be much appreciated
 
Upvote 0 Downvote
Hi there Riteon, I current got the same setup as what u had b4 BT adsl router running NAT dynamic IP, and I just cant get my PC's to work thru the pix 501...., please could you tell me the steps u did and the problems to came across... many thankz.. ne response would be much appreciated
 
Upvote 0 Downvote
Riteon,

Use the Cisco yellow cable to connect the PIX to your hub ports 1-4 and a standard patch cable to connect the PIX to the ADSL box from BT.

Your config line : ip address outside dhcp setroute

is no good as the BT box provides no dhcp!

Use : ip address outside 192.168.254.253 255.255.255.0

because the BT box is probably 192.168.254.254.

You should then be OK to enable a PAT for email.

Cheers,

cygnusman
 
Upvote 0 Downvote
Need help... I have recently purchased a PIX 501... I am also having problems seeing the internet, by going through the Pix... I am using a broadband connection from Road Runner... I have a static IP issued from RR, because we have a Web server & Mail server...

Basically, What my question is... What should my outside route be? Should it be set to be a DHCP client? That just doesn't seem correct to me... Would that screw up my NAT's?
 
Upvote 0 Downvote
You should set your default route as:

ip route outside 0.0.0.0 0.0.0.0 <ip address of router interface connected to the PIX501 outside interface> netmask <most likely 255.255.255.0> metric 1

This means that all traffic destined for the outside will go to the default gateway (the router connected to the Internet.

Hope this helps.
Netmaint
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
289
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
329
intel233
intel233
tklamb
  • Locked
  • Question
ACL help
Replies
0
Views
68
tklamb
tklamb
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
61
xwray
xwray
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
90
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top