?
Solved

PIX and 1 Public IP

Posted on 2006-06-28
4
Medium Priority
?
398 Views
Last Modified: 2010-07-27
Good Morning,
   I have a question and I think I know the answer is no but want to throw it out there.

I have a public static IP on a DSL router from my ISP.  

Is there away to translate that on a pix so that I can setup a IPSEC Tunnel?

I don't think there is away but thought I would see if someone knows something I Don't

Trav
0
Comment
Question by:tolsonkra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 17002043
Configure the DSL router to port-forward UDP 500 and UDP 4500 to the PIX IP address

On the PIX, be sure to enable nat-t

  isakmp nat-traversal 20
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 600 total points
ID: 17002676
What you are asking can be done. First, you will need to configure the DSL router to be in bridge mode and get the ip address assigned on outside interface of PIX firewall.

You can avail assistance for doing this from the ISP if the router is managed by them.

Cheers,
Rajesh
0
 
LVL 8

Expert Comment

by:photograffiti
ID: 17007339
The question is whether or not your trying to set up a LAN-to-LAN tunnel from this PIX to another device. And for a LAN-to-LAN tunnel, do you need the other side to initiate traffic back to this PIX or is it this PIX that always initiates the traffic? Or are you trying to setup a remote access VPN for clients to connect to the PIX.?
If your PIX is the only one initiating traffic you can enable NAT-T as instructed above and everything should work without your doing anything on your router. If the other side needs to initiate traffic or you're setting up a remote access VPN so remote VPN clients can connect to your PIX and access inside services, then follow the instructions per prashsax.
0
 
LVL 3

Author Comment

by:tolsonkra
ID: 17042031
I will try these tonight thanks.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question