Re: Simple PIX 501 config
- From: Matt Scoff <xxscoffxx@xxxxxxx>
- Date: Mon, 29 May 2006 22:16:27 -0500
Thank you so much. I will see what I can get working. My present
config is new, reset to factory defaults.
My PC's need to be configured as 172.31.13.1 subnet 255.255.255.0 and
172.31.1.136 255.255.255.0, correct?
Outsude interface: 172.31.13.2 255.255.255.0
Inside interface 172.31.1.1 255.255.255.0
Correct?
On Sun, 28 May 2006 13:13:51 +0200, "Martin Bilgrav"
<bilgravCUTTHISOUT@xxxxxxxxxx> wrote:
"Matt Scoff" <xxscoffxx@xxxxxxx> wrote in message
news:hcqe729os3guafnqc5ektp1eg9nnvtihg4@xxxxxxxxxx
Basic config: I have two PC's. One is connected to the outside port
(eth0) and the other is connected to the inside port (eth1). I would
like to be able to access any port from the inside PC to the outside
PC. Most importantly ICMP/ping to verify the connectivity.
kinda hard when we dont know you present config.
but what you need is pretty simple.
a global
a nat
a ACL permit icmp
a ACL-group on the outside int.
Outside PC (172.31.13.1)
:
:
Cisco Pix 501
:
:
Inside PC (172.31.1.136)
wow - mind you subnetmasks here !
You can choose the eth0/eth1 ip address's because I am not certain
what they should be. Also let me know if the subnet mask "255.255.0.0"
needs to change on the PC's themselves.
YES !
You can not have both interface in the same subnet.
change subnetmasks to /24 = 255.255.255.0, also on the PIX config for inside
and outside interfaces.
Thanks for your help. I'm still learning in my test environment.
you may what to read the cisco config guides for the PIX.
HTH
Martin Bilgrav
.
- References:
- Simple PIX 501 config
- From: Matt Scoff
- Re: Simple PIX 501 config
- From: Martin Bilgrav
- Simple PIX 501 config
- Prev by Date: Cisco Secure ACS
- Next by Date: Re: problem with IOS
- Previous by thread: Re: Simple PIX 501 config
- Next by thread: Re: Simple PIX 501 config
- Index(es):
Relevant Pages
|
