Hi!

Here's the setup :

Cisco2950------>Cisco PIX 515E -------->Cisco 837.

There will be about 10 hosts connected to the Cisco2950 switch, which will be given access to the internet. The connection should only from the clients to the internet.

Is it possible to keep track of the site that the users go to using this firewall?

Thanks.

Ok .. so you need.

1.- To make sure the users ar using the internal interface of the PIX as default gateway for outbound internet. Lets say the inside interface IP is x.x.x.x so your users need to have x.x.x.x as their default gateway.

2.- You need to use a cross over cable to connect the PIX with the 837.

3.- Configure the Ip address of the 837 router which faces teh PIX as static .. example 10.10.10.1 255.255.255.0 Configure the interface of the PIX which is connected to the 837 as 10.10.10.2 255.255.255.0. Let's call this interface "outside"

4.- You need to configure the PIX to allow internet access from your hosts

access-list Internet_Outbound permit tcp any eq www

access-group Internet_Outbound in interface inside

5.- You need to enable PAT

nat (inside) 1 access-list Internet_Outbound

global (outside) 1 interface

6.- make sure your pix has a default route pointing to 10.10.10.1 ( The ADSL router ).

route outside 0.0.0.0 0.0.0.0 10.10.10.1

7.- Make sure your 837 router has a route for your internal subnet.

This should keep you going ..

I hope it helps .. please rate if it does !!!