Cisco 501

Hi,

I have a static IP address from my ISP. I also have a router with a built in Modem so I plug the router into the telephone line. If I make a direct connection from my router to my PC with the following addresses on my PC everything works fine, I get a connection to the internet (can view webpages):

IP: 194.97.248.40 Subnet: 255.255.255.250 Default Gateway: 194.97.248.39

Preferred DNS : 193.167.64.5 Alternate DNS : 194.97.230.30

As soon as I connect my Cisco 501 PIX in between the PC and the router, I don't get any internet connection. Here are the steps I am following to configure the firewall, so please guide me where I am going wrong:

I start the PDM by going to https://192.168.1.1/startup.html Once started and authenticated get the Basic Configuration and I leave the default values ( PIX Host Name = pixfirewall, Domain Name: ciscopix.com)

On the next page "Outside Interface Configuration" I leave the "Speed to Auto" and I select "static IP address" and input the following details IP 194.97.248.40, Subnet Mask: 255.255.255.250 and Default Gateway: 194.97.248.39

On the next page I leave the remote VPN page empty

On the next page I also leave the Auto update Configuration empty

On the next page "Other Interfaces Configuration I can see the Inside and outside interface settings and the inside has a security level of

100 and the outside has 0.

On the next page "NAT and PAT Configuration" I select "do not translate any addresses.

On the next page I disable the DHCP because I can allocate a specific IP for the PC connecting to the Firewall.

After applying all these setting and saving them. I specify TCP/IP for my PC with the following addresses:

IP: 192.168.1.10 Subnet Mask: 255.255.255.0 Default Gateway : 192.168.1.1

I try to connect to the internet but I will not let me connect. For some reason Skype is able to connect which is quite strange.

Do I need to configure anything more? Why does it not allow me to connect to the internet?

When I remove the firewall I am getting a connection. Please can you guide me?

Thank you, James

Reply to
jamesp010
Loading thread data ...

Reply to
mike jones

I think you're right.... He needs NAT.

James: If the Internet address is 194.97.248.40 and your PC address is 192.168.1.10 what about that makes you think you don't need address translation? Without translation the PIX will send out the address 192.168.1.10 to the Internet and that's NOT your Internet address (194.97.248.40 is) so you could never get a response, and changes are your provider won't allow that outbound anyway.

Dennis

mike j> i think u need to enable nat translation

Reply to
Dennis Willson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.