Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
529
Views
0
Helpful
3
Replies

Howto bridge 1 IP address from ISP to PIX through router

mwdekker
Level 1
Level 1

‎09-15-2004 06:54 AM - edited ‎02-20-2020 11:37 PM

Hello,

Could anyone help me with a configuration for a Cisco 837 router and a Cisco PIX 501, while getting only one IP address from the ISP, because of the use of ADSL as connection?

Must I configure the 837 router as a bridge by entering "no ip routing" "bridge-group 1" on the E0 and ATM0 interfaces, as well as the global "bridge 1 protocol ieee" command?

Must I then configure the PIX by using the VPDN command to logon to the ISP?

Or does someone know how else?

I'm using a PIX 501 with version 6.3 and a 837 router with version 12.x.

Your help is greatly appreciated!

Martin Dekker

Network Engineer

0 Helpful
3 Replies 3

a.awan
Level 4
Level 4

‎09-16-2004 07:55 AM

You do not have to configure bridging on the router. You can configure your router to get the IP address from the provider and you can configure the router's interface connected to the PIX on a private address space. In this case you will have to configure the router to NAT all private IP addresses to the public ip address obtained via DHCP. You can configure the PIX not to do any NAT on internal IP addresses as you are already doing NAT on the router. The only catch in this configuration might be when you need to connect to an internal host from the outside.

0 Helpful

mwdekker
Level 1
Level 1
In response to a.awan

‎09-16-2004 02:56 PM

Thanks for your reply!

I understand what you mean; natting on the router and not on the PIX.

My goal however is to spoof the public IP from the router to the PIX and let the PIX be the termination point for VPN (PPTP and VPN client), and also configuring SMTP to the inside.

Only one box to manage and I prefer the PIX.

I would like to mimic the DHCP spoofing concept of the ADSL modems like the Speedtouch Pro (Thompson).

Nice idea though!

Pity that the ISP doesn't make use of PPPoE, but PPPoA, otherwise I could have used the PPPoE option on the Outside interface.

In that case however no PPTP sessions from the Outside could have been configured.

Thanks for your input, but still I would like to have a solution as described above.

Greets.

Martin

0 Helpful

whaller
Level 1
Level 1
In response to mwdekker

‎11-26-2004 05:54 PM

Did you ever get an answer to this? I'm looking to do the same thing. I have an adsl internet connection via pppoe with a static IP but would like to enable both cisco vpn client and pptp server on the PIX.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card