Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
642
Views
5
Helpful
4
Replies

PIX routing

Go to solution
imranghani
Level 1
Level 1

‎04-28-2005 09:57 PM - edited ‎02-21-2020 12:06 AM

I am using NAT on PIX for Internet browsing. I have l3 shitch to devide internal network in 10 subnets. Users direct connected to PIX are able to brows Internet, while, users conencted though L3 shitch is not able to borws the Internet. Pl give the the solution.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mhussein
Level 4
Level 4
In response to imranghani

‎04-28-2005 11:44 PM

Only 3 ip addresses are assigned for hosts to access the internet, per this existing configuration:

global (outside) 1 x.x.x.245-x.x.x.247 netmask 255.255.255.240

To allow all internal hosts to access the internet using a single ip address, configure PAT as follows:

global (outside) 1 x.x.x.248 netmask 255.255.255.240

(you can use any public ip addres available, I just picked x.x.x.248)

Of course the hosts/servers configured with static statements are not affected.

The switch configuration is missing in the attachment. Just verify that there is a default route statement configured on the switch:

ip route 0.0.0.0 0.0.0.0 172.16.16.2

Please let us know if that helped.

Mustafa

p.s. please remember to mask or remove public ip addresses and sensitive info when posting configs.

View solution in original post

4 Replies 4

Go to solution
mhussein
Level 4
Level 4

‎04-28-2005 10:23 PM

Hello,

It would be helpful if you could post the pix configuration.

But anyway, some things to look for:

1. Is the pix nat'ing all subnets?

2. Does the pix have a route configured to every subnet?

3. Does the L3 have a "default route" pointing to the pix's inside interface?

0 Helpful

Go to solution
imranghani
Level 1
Level 1
In response to mhussein

‎04-28-2005 10:41 PM

Thankx Mr.Hussein,

Pl. find the configuration of PIX and L3 switch attached.

Preview file
57 KB
0 Helpful

Go to solution
mhussein
Level 4
Level 4
In response to imranghani

‎04-28-2005 11:44 PM

Only 3 ip addresses are assigned for hosts to access the internet, per this existing configuration:

global (outside) 1 x.x.x.245-x.x.x.247 netmask 255.255.255.240

To allow all internal hosts to access the internet using a single ip address, configure PAT as follows:

global (outside) 1 x.x.x.248 netmask 255.255.255.240

(you can use any public ip addres available, I just picked x.x.x.248)

Of course the hosts/servers configured with static statements are not affected.

The switch configuration is missing in the attachment. Just verify that there is a default route statement configured on the switch:

ip route 0.0.0.0 0.0.0.0 172.16.16.2

Please let us know if that helped.

Mustafa

p.s. please remember to mask or remove public ip addresses and sensitive info when posting configs.

Go to solution
imranghani
Level 1
Level 1
In response to mhussein

‎04-29-2005 03:16 AM

Thankx Mr. Mustafa

Now it is working.

regards

Imran Ghani

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card