|
Posted by Martin Kayes on July 13, 2005, 9:23 am
If you were Registered and logged in, you could reply and use other advanced thread options
to the outside interface address of the PIX, then the PIX will need a global
nat setting up to translate the PC's to it's own outside interface address.
If the Draytek is doing a many:1 PAT translation and is using the PC's
subnet as the source then the PIX will need a nat 0 statement for the PC
subnet to be allowed to reach the Draytek with their original IP's intact.
If that isn't too clear then could you confirm which types of NAT & relevant
addresses you are using.
Regards,
Martin
>I can confirm that this can be done as I am currently doing it myself
>(however I am using a Draytek instead of a Linksys).
>
> At present from the PIX I can ping outside to the Internet but PC's from
> behind the PIX (although they have a correct configured IP address) can
> only ping to the inside interface of the PIX but cannot go out!
>
> I am wondering whether this is due to the fact that there is NAT happening
> on the Draytek but not sure what else to do, if anyone can give any tips
> that would be great!
>
> J
>
>
>> Yes, you can put any address on the outside interface. I have a similar
>> setup working with several customers.
>>
>> Regards,
>>
>> Martin
>>
>>>I have a Linksys router connected to a cable modem.
>>>
>>> I just got a cisco pix 501 off of ebay and I want to put it behind the
>>> Linksys router, then all systems behind the pix.
>>>
>>> Can I configure int0 with a private address?
>>>
>>> So if I give the internal network behind the PIX 192.168.3.1
>>> then the outsidie int0 192.168.2.1
>>>
>>> Then my linksys router 192.168.1.1
>>>
>>> Then create a static route between the PIX and the Linksys.
>>>
>>> Will this work. I was told that I could not configure the outside
>>> interface with a private address.
>>>
>>> Thanks
>>>
>>
>>
>
>
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map