Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX501 Newbie Needs Help

Status
Not open for further replies.

hcclSmokey

Technical User
May 9, 2003
23
GB
Hi There

I have a PIX 501 and it is connected to a D-Link DSL504 router/firewall. The DSL504 has four switched ethernet ports and is set to assign address via DHCP. The PIX outside interface has picked up a DHCP address from the DSL504 192.168.0.2/24. My ISP is BT Openworld and the connection from my DSL 504 to BT is PPPoA LLC. I have read that the PIX is a PPPoE device. Does this cause any issues ?. I have one host on connected to the PIX and it is able to access the DSL504 GUI and can also ping another host I have attached to an ethernet port on the DSL504. However I cannot access the internet from the host attached to the PIX. The DSL504 uses NAT. Again i have heard that two devices connected to each other using NAT is a bad idea. I have rules set on the PIX to allow all on the outside and inside interfaces however I still can't browse the Internet. Would it be a better idea to scrap the DSL504 and get a standard DSL modem which assigns the internet address to the PIX outside interface ? If so can anyone suggest a model of DSL modem.

Many Thanks
Smokey
 
PIX can be configured as a PPPoE client and get a public IP from the ISP, while your DSL router can just act as a bridging device. Check out this link to configure NAT on the PIX to allow access to internet, as well as configuring pppOE on pix 501.

- PPPOE config on pix.


You need to enabled nat and global commands on the pix, to allow NATing of your private ip address, so that they can access the internet. Check the abovelink.

Sankar Nair
General Datatech l.p.
 
Thaks for the prompt reply....

Please excuse my ignorance but how can my PIX get an IP address from my ISP ? My ISP uses PPPoA and the PIX does not support this. Here in the UK we have not readily adopted PPPoE as of yet. I have a single static IP which is picked up by my router.

Thanks Smokey
 
Thanks Sankar. Sorted it out. I set up port forwarding on the DSL router to the oustide interface of the PIX. Created a static translation rule for my internal PIX host to translate to the PIX outside address which is assigned by the DSL router.

Are there any disadvantages of having it set up like this ? I mentioned before that my DSL router is natting as well as the PIX. Am I limiting the use of the PIX in anyway ? Would it be better to get a DSL modem ?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top