Using a PIX, a Router with only one non-static IP address..
Posted on 2002-07-22
I basically want to use my PIX 515 so I don't have to run Zone Alarm, et al. on each PC -- I've asked a few questions before, but I'm looking for a bit of advice as to the best way to set this up...
Here's the gear:
ADSL Single IP address (non-static)
Pix 515 F/W
Here's the idea: (IPs changed to protect the innocent)
IP address is assigned by ISP, to the Asus router (220.127.116.11)
Asus router is then using NAT, and has an internal IP address, 10.0.0.1. PIX outside IP is set to 10.0.0.2.
(Theory: This means that the PIX can ping from 10.0.0.2 via 10.0.0.1 and out to 18.104.22.168 and beyond.. ?)
The PIX inside IP - 10.10.10.1 and runs NAT/DHCP to offer the client PCs an IP address in that range.
PC1 IP 10.10.10.10, PC2 IP 10.10.10.11, PC3 IP 10.10.10.12
So, PC1 goes through the PIX, which in turn goes through the Asus router and gets internet..
Question: Is this the best way of setting this up? -- As I mentioned before, all I want is to be able to have the hardware f/w instead of running individual software firewalls.
Question: Any fatal flaws in my theory?
I'm doing this to try and learn something about Cisco PIXes, so an answer like "don't bother with all that, just use Zone Alarm.." isn't really going to help me.. :)
Thanks for reading and a thousand thanks in advance for any (useful) advice offered! (and 200 pts for the best one :))
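
The topology described in the post, written out as a PIX OS 6.x configuration fragment. This is an added example, not part of the original post. The /24 masks, the DHCP pool range and the DNS placeholder are assumptions; the interface addresses and the next hop are the ones given above.

```cisco
: Constructed example for PIX OS 6.x, not taken from the original post.
: Assumed: /24 masks, ethernet0 = outside, ethernet1 = inside.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
interface ethernet0 auto
interface ethernet1 auto

: Outside sits on the Asus router's LAN; inside serves the client PCs.
ip address outside 10.0.0.2 255.255.255.0
ip address inside 10.10.10.1 255.255.255.0

: Default route points at the Asus router's internal address.
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1

: PAT every inside host to the PIX outside interface address (10.0.0.2).
: The Asus router then NATs 10.0.0.2 a second time to the ISP-assigned IP.
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 interface

: DHCP for the inside clients (pool range is an assumption that covers
: PC1-PC3 at 10.10.10.10-12). Replace the DNS placeholder before use.
dhcpd address 10.10.10.10-10.10.10.50 inside
dhcpd dns <dns-server-ip>
dhcpd enable inside

: No static, conduit or access-list is defined for the outside interface,
: so connections initiated from the lower-security outside (security0)
: toward inside hosts (security100) are dropped by default.
```

Because the ISP address changes only on the Asus router, the PIX outside address stays fixed at 10.0.0.2 and this fragment does not need to track the dynamic IP.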