1. Home
  2. Cisco Systems
  3. Configuring a New T1 - Cisco 1720 / PIX 501

Configuring a New T1 - Cisco 1720 / PIX 501

I'm hoping someone can help me out here, this is definitely not my forte!

I have a new full T1 being installed and need help configuring the hardware. Here's what I have:

The telco is dropping a smart jack into my server room.

I have a Cisco 1720 with a WIC-1DSU-T1 installed in slot 0. I need to configure it to route my block of 8 IPs to a Cisco PIX 501.

I'm told the PIX can handle all of the routing beyond that point. The PIX will need to route one of the IPs to my SBS 2003 / ISA server that handles my company's domain, two of the IPs to two webservers sitting in the DMZ, and should use a 4th IP to NAT any connections from the DMZ. (I have tenants renting office space to which we provide internet access -- also need to provide DHCP in the DMZ.)

I need to allow access to HTTP, HTTPS, SMTP, VPN, FTP, POP3, IMAP4, and SQL Server (I think it's port 1433) through the firwall.

I hope that makes sense. This is my first venture into configuring this type of equipment from scratch. The most I have done in the past is to change the configuration on an AdTran to open ports.

Thanks in advance for any help you can provide!

Reply to
MasterOfNone
Loading thread data ...

All the configuration to do most of that is on Ciscos website.

Standard configuration is to put 1 set of ips on the serial interface of the 1721 router and the other 8 ips you have on the ethernet interface and outside interface of your pix.

You then configure your pix for NAT.

However the DMZ part is not possible with a PIX501.

You would need to buy a 515 to get a DMZ port.

If you have a 506 it is possible to make a virtual DMZ port using vlans and vlan enabled switch

What your asking for is alot of commands and that would take alot of time to write up. Better to go to Ciscos site and check out their configuration examples.

Else if your really over your head you need to learn how to work with IOS and PIXOS which is another problem.

Reply to
Matt.K.Mead

Here is a few examples you can base this off of.

formatting link
formatting link
I can't find a good router config for you so use this to base yours off of.

! interface FastEthernet0 ip address x.x.x.x 255.255.255.248 (1 of those 8 IPs your ISP gave you) no ip directed-broadcast ! ! interface Serial0 ip address x.x.x.x 255.255.255.252 (Point to Point T1 IP ADRESS ISP gives you) no ip directed-broadcast ! ip route 0.0.0.0 0.0.0.0 Serial0 ! end

cross over cable between the pix and the router.

Reply to
Matt.K.Mead

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.