Re: PIX cannot see outside network

jonrowlan · ‎08-01-2005

We have set a Cisco ADSL router up and a PIX firewall. I have followed the Cisco article on configuring the firewall but no matter what I do, I can only see the outside addresses if I allow the Firewall to give me a DHCP address. I have tried NAT and Non Natting configs. The basic examples don't even work for me. Can anyone give me any pointers where to start?

valconix · ‎08-01-2005

so basically, you've got the following setup:

Inside_network->PIX FW->ADSL Router->Internet ?? what are you trying to achieve? do you have the correct default gateways setup?

Inside_Network default GW = PIX Inside Address

PIX Default GW = ADSL Router,

ADSL Router Default GW = YourISP

Which device are you planning on running NAT on?

jonrowlan · ‎08-02-2005

I have a Cisco 800 ADSL router, natting.

I have a Pix 501.

Router gets IP from ISP via DHCP. 213.210.21.161.

Router Inside address : 192.168.10.1/24

Firewall Outside address : 192.168.10.2/24

Firewall inside address : 192.168.25.1

We have tried with NAT on and off in the firewall (assuming that nat (0) is effectively turining NAT off) and we have tried nat(1).

I have tried to create a default route of 192.168.10.1 in the firewall but whenever I try this I get an error to say that the route is already configured.

All we want to do is to be able to have a bunch of inside 192.168 addresses able to see the Internet but be protected from incoming traffic.

We can't even get the example icmp commands to work.

The firewall is able to PING the Internet using the PDM Tools option to PING.

I presume that we cannot NAT on both devices and that "nat (0)" turns natting off in the firewall?

jON