[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Pix501 Static configuration for my DSL DHCP service

Posted on 2006-11-06
2
Medium Priority
?
185 Views
Last Modified: 2010-04-09
I have a PIX 501 Firewall with the factory default configuration loaded. I connected it to my DSL modem and I can get on the internet without any problems. My DSL service uses DHCP.  I'll be running a web server and would like to assign my server with a static IP address (i.e. 192.168.1.10 with the subnet 255.255.255.0 with default gateway 192.168.1.1).  Can some one please walk me through the process?

Thanks
0
Comment
Question by:twumasisarfo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
batry_boy earned 750 total points
ID: 17912126
First, it would help if you would post your existing PIX configuration.  Just take out any sensitive data first before posting.

Without this info, here's a stab at how you would do this:

First, if you're wanting to set up a web server for Internet users to access, you should probably get a static public IP address from your DSL service provider (if you haven't already!).  In this manner, your web site would always be accessible via the same IP address.

Next, let's assume that your DSL provider has given you the static IP address of 1.1.1.1 to use on your PIX outside interface.  The PIX is still configured to use DHCP, but the DSL provider has programmed their side to always give you the 1.1.1.1 address when you PIX performs a DHCP request.

Next, we also assume that you only have the one static IP address to use for both the PIX outside interface AND to use to direct incoming web traffic to your web server.

Finally, here are the commands to implement this to allow both regular unencrypted web traffic (http) and encrypted web traffic (https) inbound to the web server, given that the internal IP address of the web server is 192.168.1.10.  We have to use port redirection to redirect TCP 80 and 443 (http and https) traffic inbound to the web server since you only have the one public IP address.

static (inside,outside) tcp interface www 192.168.1.10 www netmask 255.255.255.255
static (inside,outside) tcp interface https 192.168.1.10 https netmask 255.255.255.255
access-list acl_in permit tcp any host 1.1.1.1 eq www
access-list acl_in permit tcp any host 1.1.1.1 eq https
access-group acl_in in interface outside

The first two static commands perform the port redirection for http and https traffic.  Next, the two access-list commands allow that same traffic inbound from anywhere on the Internet.  Finally, the access-group command applies that ACL to the outside interface in an inbound direction.

If you need any other specific help, you may consider posting the PIX configuration as I mentioned above.

Hope this helps!
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question