Re: Use PIX 501 to access internet, how to?

otnj2ee · ‎04-16-2007

I have this PIX501 box and this is what I want to do:

Outside: connect it to a DSL modem (yahoo/ATT SpeedStream 5100). Use DHCP

Inside: connect to one or two PCs. Use static IP. The PIX box's inside IP: 192.168.1.1

The Yahoo's DNS server IP: 192.168.0.1

Could anybody provide a script to make this happen, so that I can run it on the pix.

Long story, short, when first bought it, the Cisco provided some tech support, somehow, they make it working. Now I am out of the support. I made all the reasonable efforts, but still can not make it working (access to the internet), even after I reset it to the factory's default setting.

Thanks for any help.

Scott

Patrick.Beaven · ‎04-20-2007

Here is a list of commands that need to be performed. You man need additional configuration considering that most dsl providers require pppoe user and password setup. I will give you what i have on a pix with a pppoe provider. Its actually fairly simple

##first setup basic PAT access

login

enable

conf t

global (outside) 1 interface

!

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

!

##now setup pppoe

ip address outside pppoe setroute

!

#fill in your pppoe user and password below

vpdn group sbc request dialout pppoe

vpdn group sbc localname xxx@sbcglobal.net

vpdn group sbc ppp authentication pap

vpdn username xxx@sbcglobal.net password ****

!

dhcpd lease 3600

dhcpd ping_timeout 750

!

end

wr mem

!

You should also realize that your speedstream is natting you once and the pix will nat you again. Sometime you may have a weird issue surfing the net because of the double natting thats taking place. If it happens log into the pix and type clear xlate from priveleged mode. It will clear the existing nat translations .

Good Luck,