09-15-2013 04:08 PM - edited 03-07-2019 03:28 PM
hi,
see attached image of network diagram.
i have been trying to figure something out for quite some time now and i feel like after 15 hours it is time to seek some advice as to what i am missing. any help would be greatly appreciated.
i have a pix 525 with ios 8.0.4 on it. i am trying to make what i believe to be one of the most basic uses of this device. i want to set up a vpn at my house.
once i introduce the vpn, things start getting whacky and i have some basic questions. i have gone and done a full factory reset with the following.
enable
write erase
erase configuration in flash memory: yes
reload
proceed with reload [confirm]: yes
#After reboot
#answer yes with y enter
Preconfigure firewall now through interactive prompts: [yes]: hit enter key
Firewall Mode [Routed]: hit enter key or [transparent] to configure the other way
enable password [password]..................pick one between []'s
allow password recovery: enter y enter
year enter 2013
month: sept
day: 15
time: 02:012:00
inside ip 10.1.1.2
net mask 255.0.0.0
hostname: thcvpn01
domain:mydomain.net
ip of host running device manager: just hit enter
with this basic default reset on the vpn and the outside port unplugged and a ethernet cable going from the comcast modem to the netgear router, i can successfully ping the router, and all member servers on the inside port, as well as get on the internet. this seems logical and correct to me.
my problems all start when i disconnect the ethernet cable from the modem which goes to the data port on the router and try to use the outside port as diagrammed in the picture. my questions are pretty simple i think:
1) the inside port can go to either a switch port or the data port on the router correct?
when it is hooked up to the switch port on the router i can ping all member server host names and ips correctly but i can't ping any hosts or ips on the internet. it does resolve the host name to the ip properly. when i hook it to the data port i am not able to ping anything. for now it appears to work on the switch port just fine so no big deal. i'm simply looking for clarification or reasons why one would use one over the other, unless i am way off on everything.
2) the outside port on the vpn should connect up to the comcast modem ethernet jack correct? when i configure an outside interface, such as 11.1.1.2 i am able to ping the outside interface from the 525 but not anything from the internet. my member servers are not able to ping the 11.1.1.2 ip address. what should i choose as the ip, netmask and gateway on the outside interface and how do i make this all work?
3) how do i make the routes between them that function? i think i need some clarity around this as well. the help on the device uses the word foreign network and we are using terms like inside and outside. i'm not sure which is foreign to what basically. a good working, simple example like this will do wonders for my understanding on routes between subnets.
thanks,
kevin
09-20-2013 04:21 PM
anyone?
Jeff