PIX prevent connection to outside private networks

[Guest_imported]

Problem background:
Originally I have three frame-relay PVC's that connect my local network (10.1.0.0/16) to the outside private networks (10.x.0.0/16). In addition, a PVC connects the local network to the Internet. The router handled the NAT to achieve Internet access. Up to this point everything was working correctly.

Enter the PIX:
After installing a PIX 515 between the local network and the router, I lost connection with the outside private networks. Currently I can connect to the Internet without problems. Also, the router is no longer handling NAT and this function was passed to the firewall.

I assumed that since the IP's in the segment that connect the firewall and the router are real Internet addresses, then the router do not propagate packets from the private networks through that segment. I don't know if this assumption is right. I believe there should be some kind of work-around for this problem.

Any help to solve this will be greatly appreciated.

 

[webnetwiz]

If i understand you correctly, you have 1 inside network, 3 partnernets, and an internet connection?

In this case, you would have to connect the partnernets to the DMZ interfaces of the PIX (assuming you have the 4-port Ethernet expansion card), setup NAT on all of them, then connect your inside network to the inside interface on the PIX, and the Internet connection to the outside interface (usually eth0). You would then have to specify global IP pools and access lists for all the networks, since they're all NATed. If you want to email me with a Visio diagram, I could help you more.

David.

 

[Guest_imported]

David:

My firewall is a PIX 515 it only have two interfaces (inside,outside). I only have one phisical conection to the Telco provider. Through this phisical connection I have access to all the other private networks and the internet via pvc's.

How can I obtain your e-mail to send the visio drawings?