
Pix 525 And NAT

shhamidi
Level 1

Hi to all,

Excuse me, I will try to explain my network.

We have 5 wireless access points between 5 zones (the main zone is zone0) and my firewall is in zone0.

We want to deny bad access from each zone to the other zones.

I created VLANs and zone0, zone1, zone2, zone3, zone4, zonef on ethernet1.

The PIX now works fine. We add my government network to this configuration; we can add another zone (zoned) or use ethernet0 for this network.

This network has a Cisco 800 router with one 10 Mb/s Ethernet port (4-port hub) and one ATM (my ATM connects to the upper network).

I added the VLAN zoned to ethernet1 of the PIX and enabled RIP routing on it, and I see the route table of the router on the PIX.

I use a zone0 computer for testing, for example 192.168.0.140, and can ping 10.68.146.1 (ethernet0 of the gov router) and can also ping 172.16.2.42 (atm0 of the gov router), but we must use the 10.68.16.2 web server for the gov application, and in this situation can't see the outer network of the 800 router.

From the PIX console I can access all networks and can ping 10.68.16.2! But from zone0 users I can access?

Why? The PIX is doing NAT, but...?

I added the router config and PIX 525 config.

The output of the routing table of each device is attached.

Thank you.

Seyed Hossein Hamidi


owillins
Level 6

If possible, try configuring bidirectional NAT. For more information on this, please refer to the following link.

http://www.cisco.com/warp/public/707/28.pdf
