Showing results for 
Search instead for 
Did you mean: 

NO Internet Connection

Level 1
Level 1

Dear All,

I configured NAT on pix (506E)

I can ping any outside host from my pix.

I can also ping any inside host from my pix.

However I cannot ping any host from inside to outside nor internet connection functions.

I repeated the configuration tens and tens of times

I also tried to configure from PDM.

Seems that nothing would go well.

Here's the config.

Could any one help please.

PIX Version 6.2(2)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password 7PmXr29jODRJ.eaI encrypted

passwd 7PmXr29jODRJ.eaI encrypted

hostname tita


fixup protocol ftp 21

fixup protocol http 80

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol ils 389

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol sip 5060

fixup protocol skinny 2000


access-list inside_access_in permit icmp any any

access-list inside_access_in permit ip any any

access-list outside_access_in permit icmp any any

interface ethernet0 10baset

interface ethernet1 auto

icmp permit any outside

icmp permit any inside

mtu outside 1500

mtu inside 1500

ip address outside

ip address inside

ip audit info action alarm

ip audit attack action alarm

pdm location inside

pdm history enable

arp timeout 14400

global (outside) 10 netmask

nat (inside) 10 0 0

access-group outside_access_in in interface outside

access-group inside_access_in in interface inside

route outside 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

http server enable

http inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

no sysopt route dnat

telnet inside

telnet timeout 5

ssh timeout 5

username samir password .KnHwytEP2k92JAD encrypted privilege 15

terminal width 80


2 Replies 2

Level 6
Level 6

It looks like you fat fingered your route statement:

193.... should be 190, right? It needs to be on the same subnet as the external interface

yes you're right

but in my fix this default route was correctly entered as follow

route outside 1

which the address of a cable modem (ADSL)