configuring inside and outside IP address

I have a PIX that I am working on.  I have worked with other Cisco products before, but only for updating already configured devices.  This one is from scratch.

I was trying to set the IP addresses for the device and found that you can not set the IPs for the outside and inside to be the same.

I was looking to have the Pix use the modem as a gateway and then have all my other devices use the Pix as a gateway.  I was going to assign the inside and outside IP address the same to make things easy, but it looks like I wil need to assign a different subnet to one of the two?

Any suggestions?  Also if anyone has some links about programming a PIX, it would be great.
LVL 12
ryan80Asked:
Who is Participating?
 
ricks_vConnect With a Mentor Commented:
ok, that's possible.
but we will have to do it differently ( as no same ip subnet can be assign on outside and inside of the pix)

It's gona be like this:
PIX (outside) 10.0.0.x connect to sonicwall device 10.0.0.x
PIX (inside) 192.168.1.1 connect to test pc (192.168.1.2)

-how to get the pc talk to the 10.0.0.x network ?
by using NAT static (inside,outside) and and (outside,inside) , and possibly PAT too if required for certain traffic only.
so what happen, when pc tries to reach the 10.x.x.x network, it will not have source 192.x.x.x anymore. NAT will change the pc ip to 10.x.x.x and will able to have access.

-how to apply access list?
apply access list on the pix (inside, outside, vice versa), certain 192..x.x.x allow/block certain 10.x.x.x destionaion or source.

Im just giving general idea here, for commands try google: nat (inside,outside) x.x.x.x bla bla

0
 
KutyiCommented:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

If your ISP provides DHCP then enter tthe address with the following command:
IP Address outside dhcp setroute

Set your internal IP address to a non-routable address like 192.168.1.1 (default for a pix 501)

Hope this helps.  By the way if this is a new unit then CISCO will help you set it up for FREE.
0
 
H_HarryCommented:
Are you sure you want the PIX to use the modem as the gateway? What type of modem is it - i.e. a home ADSLRouter/Modem or a commercial type dedicated modem?
Since you want the pix to use the modem as the gateway I will assume it is a router/modem. if this is the case you just need to set the Outside IP address of the PIX to be on the same subnet as the private IP of the modem, and then set a default route pointing at the modem,
Then on the Inside interface set an IP that is valid for your internal subnet in use and point your clients to this IP as their default gateway - when traffic comes into the PIX if there is no specific route for it, the PIX will adhere to its default route and send the traffic to the modem/router which by the looks of your question is what you want.
If your modem is not a router/modem type than as mentioned by Kutyi ^ set the outside IP to pick up a DHCP IP from the ISP via the modem and just assign the Inside interfaces IP as normal and still point your internal hosts to this IP as their Default Gateway - the PIX will do the rest for you.
0
The IT Degree for Career Advancement

Earn your B.S. in Network Operations and Security and become a network and IT security expert. This WGU degree program curriculum was designed with tech-savvy, self-motivated students in mind – allowing you to use your technical expertise, to address real-world business problems.

 
ricks_vCommented:
this is the most configuration for pix / asa example:

10.0.0.x(LAN) <--->10.0.0.1/24 (inside) PIX (outside) 192.168.1.2 <-----> 192.168.1.1(inside) ADSL x.x.x.x(internet address)

gateway for clients will be 10.0.0.1 , gateway for pix will be 192.168.1.1 .

another common solution will be:
 10.0.0.x(LAN) <--->10.0.0.1/24 (inside) PIX (outside) dhcp / internet address <-----> ADSL with DMZ mode

NO same subnet ip address can be assigned for inside and outside, because will cause device confusion where to pass 10.x.x.x network for example.
Also Access will not be able to be configured properly between inside and outside.
Additional infos,  outside will have lower security level setting (e.g 0) , inside will have higher (e.g 100)



0
 
ryan80Author Commented:
I guess what i really wanted to do is this:

i already have a Sonicwall device that I use as my firewall/ router.  i am really just learning Cisco configurations and wanted to use the PIX as a test bed.  i was hoping to have it be inside my network and have both ends be in the same subnet and then do static routing for the IPs that would be on the LAN side of the PIX.  This way I could put one computer behind the PIX firewall to test the firewall.

I guess I could do static routing of another subnet throught the PIX and make the computer behind the PIX accessable to the rest of the network.

Does this sound feasable?
0
 
ryan80Author Commented:
Ok figured that I would have to do something like this.  Thanks for the input.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.