Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
3
Replies

PIX - Router issues

icontact
Level 1
Level 1

‎12-21-2002 03:17 AM - edited ‎03-02-2019 03:45 AM

I am having issues with what should be a simple config. I am connecting to the internet with a Cisco 806 via PPPoE, this works fine. I have the E0 connected to the PIX via A crossover, I have the DSL modem connected to E1. From the router I can ping/telnet anywhere no worries. From the Inside of the router if I connect a PC, I can also connect to everywhere. However, I wish to publish a class C set of ip addresses, 203.x.y.1 thru 203.x.y.254 to servers behind the PIX. I can get connectivity from the PIX, and have opened all the appropriate ports on the PIX, however the servers behind the firewall fail to receive the replies from the internet. I can see them leaving the router, but they don't seem to NAT properly, in that it's almost as though the source address is dynamically allocated to the servers as they leave the router.

Litlle help.. I have the following nat pool

ip nat pool mypool 203.x.y.1 203.x.y.254 netmask 255.255.255.0

ip nat inside source list 1 pool mypool overload

ip route 0.0.0.0 0.0.0.0 dialer1 (default route for the DSL connection)

where am i going wrong.]

Is there a simple suggested router config for in front a PIX, as I have no connectivity problems from the router...

Cheers

Labels:
0 Helpful
3 Replies 3

lgijssel
Level 9
Level 9

‎12-21-2002 10:54 AM

The issue is that you cannot do NAT on a PPTP connection. There is no concept of ports in GRE, the protocol that is used on top of IP.

There might be a partial solution for this. Please check the PIX techtips on CCO or do a search on PPTP.

0 Helpful

huizhan.zhang
Level 1
Level 1

‎12-22-2002 10:39 PM

hi

I am not sure what is your configure on port about NAT.

If you configure "ip nat inside "on E1 and "ip nat outside " on E0 ,I guest you have make some mistake .

Configuring "ip nat pool mypool 203.x.y.1 203.x.y.254 netmask 255.255.255.0 " means dynatic NAT will be doing when outgoing packets come from E1.

So , you cann't using 203.x.y.z as a nat pool.

In my opinion, you can just configuring static NAT on Cisco 806 , or configuring static NAT on PIX and don't translating 203.x.y.0 on Cisco 806.

Regards,

Inted

0 Helpful

jshakyan
Cisco Employee
Cisco Employee

‎12-22-2002 11:29 PM

What is in list 1? Remember that PIX will try to do a NAT also. Make sure you've configured NAT 0 on the PIX to disable NAT for the LAN or create a approproate NATing on teh PIX for servers.

JS

0 Helpful
Customers Also Viewed These Support Documents