Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
267
Views
3
Helpful
2
Replies

Pxi 501 - Where to place in it my SOHO network

Moonacres
Level 1
Level 1

‎11-06-2004 09:57 AM - edited ‎03-09-2019 09:22 AM

I have a pix 501 firewall that I recently picked up and I would like to use in my SOHO, but I am not sure where to connect it.

I have DSL with Sympatio (Canada) with a dlink router/print server. The router establishes my connection for me then I can access email, web etc. My question is this where do I connect the pix? Also what ports do I use? I have tried connecting port 0 to my dsl modem but I keep getting a message saying that the link is down. I have searched but cannot quite get the info I am looking for. So any help would be appreciated.

Thanks

Labels:
0 Helpful
2 Replies 2

travis-dennis_2
Level 7
Level 7

‎11-06-2004 10:47 AM

The best place to put the PIX given your setup is behind the router. PLease keep in mind that the PIX is shipped with everything turned off and you have to open everything up that you need. Please take a look here for configuration examples.

http://www.cisco.com/application/pdf/en/us/guest/products/ps2030/c1616/ccmigration_09186a0080177094.pdf

Also,

depending on your router you may need to connect the PIX to it using a crossover cable and not a straight through.

Hope this helps.

Please remember to rate all replies

0 Helpful

viahuja
Level 1
Level 1

‎11-06-2004 03:22 PM

A PIX firewall should ideally be placed as the first point of entry into your network, but in this situation, since you are using DSL, most likely it is a PPoe connection and will require configuration on the pix to get authenticated to this process so you might want to just leave your internet connection as is if you don't have the expertise to do this, and just plug the PIX behind the router. The E0 interface on the PIX is for the "outside" and E1 is for the "inside". I would reccommend adding a small switch/hub to your network, plugging the E0 interface on the pix to this the switch/hub as well as a free port on the router and then pointing your default gateway on the pix to the router, this will be the "outside" of your internal network/PIX, then all your hosts on the inside will point to the PIX E1 interface as their default gateway ofcourse if you have multiple hosts then again using a again sharing a switch/hub for the E1 interface and those hosts. Your PIX will maintain stateful inpsection of packets tranversing your network based on the security policy you apply. Hope this helps!.

Vik Ahuja

Customer Support Engineer III - VPN/AAA

Cisco Systems, Inc.

CCIE # 11958, CCNP, CSSP

Customers Also Viewed These Support Documents