Help with DMZ on Pix515

- Y
- young_neils
  
  Contact options for registered users
posted
17 years ago

Mon, Aug 28, 2006 9:03 AM

Hi, I have been assigned to remove a Sonicwall and replace it with a Cisco Pix 515. I have configured internet and VPN, but I haven't been able to get the DMZ working.

On the Sonicwall interface this look incredible simple, it's just a range of public IP adresses assigned to the physical DMZ port. I haven't been able to do this on the Pix. I thought I would just use the available physical interface on the Pix and configure it identical to the Sonicwall and plug in. Could anyone please give me directions, prefferably how to do this with the ADSM?

Would be ever so grateful.

Loading thread data ...

- W
- Walter Roberson
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Mon, Aug 28, 2006 2:03 PM

ADSM implies you are using PIX 7.something .

If ADSM is like the PDM it replaced, then it isn't worth your time to learn how to use it until you *already* know a fair bit about the PIX.

There are several examples in the Cisco online documentation -- or at least there are for the command line.

You have been rather vague about what you want to do. We can tell you want public IPs to be associated with the DMZ, but that's about it. We cannot, for example, tell whether you need people to be able to access the hosts on the DMZs from outside, or if instead all new the traffic is outwards (e.g., a DNS server) and you want a pool of IP addresses to be used. You have also not indicated what kind of problem you encountered.

With the information you have provided, about the best guess I can make at your problem is this: each PIX interface must use a different subnet. It is not permitted to take a single subnet and assign some of its IPs to one interface and some of them to another.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.