Adding additional interface to PIX 515e

brandont · ‎08-08-2005

I am needing to add an additional interface to our PIX 515e to access a frame line. I have added the following lines:

interface ethernet2 auto /

ip address intf2 x.x.x.x.210 255.255.255.248 /

route intf2 204.x.x.0 255.255.255.0 x.x.x.209 1

I am sure I am missing something... I need the inside network able to access the internet through the outside network and then access this network also for one app. I feel I am missing a global statement and/or a nat statement but I am not sure how it should be worded. I would appreciate any help.

Thanks!

mehrdad · ‎08-08-2005

I'm not sure that I understood your question but please see below :

- If your inside network is using private IP addresses

nat (inside) 1 0 0

global (outside) 1 interface

* you can be able to use access-list or subnet at nat command to specify your private network precisely.

for instance :

access-list 101 permit ip local_ip local_mask any

nat (inside) 1 access-list 101

global (outside) 1 interface

- if your inside network is using public IP addresses

nat (inside) 0 204.x.x.0 255.255.255.0

I hope it was useful

Regards,

Mehrdad Arshad Rad

rsmith · ‎08-12-2005

In addition to the previous post, to access the new interface, assuming you already have a nat(inside) 1 0 0 (or similar), you need to add a global statement for your new network:

global (intf2) 1 interface.

This will allow access from the inside to the new intf2 network.