Re: cisco pix 515e firewall

dkblee · ‎09-20-2004

hi!

Just got a pix515e firewall from my organization. I'm new in firewall configuration. Can anyone advice me on the basic steps that i should follow to do the configuration? or any sample of the configuration? i'm not using the dmz interface.

Thks!

paddyxdoyle · ‎09-21-2004

Hi

By default all traffic is permited through the PIX from the inside interface to the outside interface.

The inside interface has a security level of 100 and the outside has a security level of 0.

By default traffic from the outside interface to the inside interface is denied by default.

If you want to only permit traffic from your internal LAN to the internet, the following example should help

e.g.

Create your inside and outside interfaces (should already by there as part of the PIX's default configuration):

#nameif ethernet0 outside security0

#nameif ethernet1 inside security100

Set the your interfaces speed / duplex:

#interface ethernet0 100full

#interface ethernet1 100full

Configure the IP address of your interfaces

#ip address inside 10.0.0.1 255.255.255.0

#ip address outside 11.0.0.1 255.255.255.0

Define a default route pointing to the internet via your ISP router

#route outside 0.0.0.0 0.0.0.0 11.0.0.2

configure PAT for traffic going out to the internet using your external interface as the NAT address

#nat (inside) 1 0 0

#global (outside) 1 interface

There are lots of config guides on Cisco that should help you, have a look at the following link:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

Thanks,

Paddy

dkblee · ‎09-21-2004

Thks! will try on that.