The PIX Six

There are 6 necessary steps to get a Cisco PIX up and running. The following gives a brief explanation and listing of these 6 commands. This is for PIX OS version 6.x. A Basic config for 7.x and higher is a little different and the name is not as catchy.

interface - Configures interface settings such as speed, duplex, up/down
nameif - Assign a name and security level to your interfaces.
ip address - Configures IP addresses on the interfaces
nat - The nat command configures translation for a set of IP addresses to another IP address(es) or IP addresses
global - The global command is used to define the address or range of addresses that the addresses defined by the nat command are translated into
route - Defines static routes for the Pix.

Configuration Example

1. interface: Use the following commands to configure the PIX interfaces

ciscopix(conf)# interface ethernet0 100full
ciscopix(conf)# interface ethernet1 100full
 

2. nameif: Use the following to assign a name and security level. Note: The inside and outside interfaces are configured by default

ciscopix(conf)# nameif ethernet0 outside security0
ciscopix(conf)# nameif ethernet1 inside security100

3. ip address: assign ip addresses to the interfaces

ciscopix(conf)# ip address inside 172.16.8.254 255.255.255.0
ciscopix(conf)# ip address outside 192.168.1.5 255.255.255.0

4. nat: Defines the group of addresses to be translated

ciscopix(conf)# nat (inside) 1 172.16.8.0 255.255.255.0

5. global: Translates the addresses defined by the nat command to a single or range of ip addresses

ciscopix(conf)# global (outside) 1 192.168.1.65 netmask 255.255.255.0

6. route: Give the PIX a valid next hop for forwarding traffic

ciscopix(conf)# route outside 0.0.0.0 0.0.0.0 192.168.1.1