No announcement yet.

traffic from outside to inside - PIX 501

  • Filter
  • Time
  • Show
Clear All
new posts

  • traffic from outside to inside - PIX 501

    Hi guys,

    I have a little problem with my Routing setup.
    First said: My Configuration is not the best kind of choice, I know that, but I want to minimize my hardware needs.
    So here goes:
    Due to our silly ISP I am forced to use their own router. The damn thing can do nothing but DMZ, WLAN, VDSL and basic NAT. That device offers not enough functions for my needs, so I use the DMZ feature and put my PIX 501 behind it. So far so good.
    I do now have a small transfer network with a IPTV device from the ISP and WLAN.
    The problem is now how to connect my mobile devices, laptop and pocketpc, to the inside network behind the pix firewall. There is a DC and an Exchange on the inside.
    I could of course put an accesspoint inside, but that would mean just another device sucking energy, so i would like to find a solution here, if possible.
    The ISP's router can not do static routes unfortunately, so i tried and configured the outside pix interface as gateway on the mobile's. ACL's from outside to inside allow are in place, but i cannot ping through the pix that way.

    Is this way of accessing through the pix even possible?

    thanks for your input,


  • #2
    Re: traffic from outside to inside - PIX 501

    Can the router sit transparent? I.E. just having one IP address for both internal and external interfaces? No-NAT config so to speak?

    Please read this before you post:

    Quis custodiet ipsos custodes?


    • #3
      Re: traffic from outside to inside - PIX 501

      Just to follow on from Andy's suggestion, a lot of these routers have a 'bridge' function that binds the external and internal interfaces and sets a virtual interface for both. Then you can set the PIXes external interface up within the network you've been given by your ISP. (Tricky if its a single IP).

      Or- have you investigated the possibility of setting the PIX up as a PPPOE client? That way, you get the public IPs on the outside of the PIX, and the router just acts as a wire.