RE: Simple scenario for PIX

From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Tue Aug 08 2006 - 12:27:42 ART


Aamir, you say that you should be getting a dynamic address from the ISP but
yet it appears that you statically set the address on the outside interface.
Weird but true...I've seen some devices not allow you through unless you
actually get your address from that device, regardless if you use the same
address or not.

Try using "ip address outside dhcp setroute" as an alternative.

Also, whenever I set up DSL or cable Internet access, I like to have the ISP
device set up as a bridge so I can terminate the public address on my
firewall. That way I can configure all the security myself as well as
remote access, which will likely need some form of dynamic DNS since you are
getting a dynamic address. The downside to doing this is that if you are
using PPPoE, you will have to set up those parameters on your PIX instead of
the DSL device.

Rik

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Aamir Aziz
Sent: Tuesday, August 08, 2006 10:58 AM
To: ccielab@groupstudy.com
Subject: Simple scenario for PIX

Hi there ppl

I have a simple scenario for PIX 506E but I can't seem to get it working, any
help is appreciated:

ADSL Router ----------PIX 506E-----------PC

ADSL Router is getting dynamic public IP from ISP.
ADSL router Local IP is = 10.1.1.1

PIX outside = 10.1.1.2
PIX inside = 192.168.1.2

PC = 192.168.1.1

PIX Version 6.3(5)
ip address outside 10.1.1.2
ip address inside 192.168.1.2 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 10.1.1.1

The ADSL router (Linksys) is also doing NATing. I have no static public IP.

But net is not working on the PC, what am I missing here?

Thanks


