Re: Cisco PIX 501 configuration with no router

[Daniel Linder <dan_linder () yahoo com>]

--- Alan Chan <alanux () excite com> wrote:
> Has anyone tried configuring Cisco PIX 501 for SOHO security without
> a perimeter router? 

I assume you have some sort of Cable Modem or DSL modem that is
presenting you with an RJ-45 Ethernet port (i.e. *NOT* a POTS or serial
T1 port coming from the wall).  If you have this, then you just ignore
the missing "router" at your location and configure the PIX as if the
ethernet connection you are presented with is actually connected to a
router.  The only thing that might cause a problem is if you need a
crossover or straight through cable to connect the PIX to the "other"
device.

> I wasn't able to get out the Internet and I think mainly because I
> haven't configured the PAT (Port Address Translation) correctly and
> that I haven't configured the Access-list to allow outgoing traffic.
> Any thoughts...

<humor mode on>
Well, you need to configure the ACL and PAT on the PIX... :)
<humor mode off>

> Most of the examples on the net and Cisco Press book require a
> perimeter router (Cisco 1720), but I do not have a router. It seems
> like you have to have a router to get the Cisco PIX firewall to work
> with DSL. Sonicwall and Netscreen SOHO do not require a router... so
> I thought Cisco PIX would be the same. 

The PIX will act similarly to a router -- it will take in inside
network and let the packets pass across it if they meet all the
requirements of the ACL you setup above.  To reiterate, if the DSL
"modem" is presenting you with a stadard RJ45 Ethernet port then just
replace the router that the books reference with the DSL modem.

Dan

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards