Pix to Router connection

Posted on 2009-04-30
Last Modified: 2012-05-06
On a test bench i am trying to connect a pix 501 to a 2600 ethernet port. this is to simulate the outside of a network, i just cant seem to get these two to connect. im missing somthing.

Router#show run

Building configuration...

Current configuration:


version 12.1

service config

service timestamps debug uptime

service timestamps log uptime

no service password-encryption


hostname Router


enable secret 5 $1$I931$IWvP0imVvT2jVeoqSLAdC1

enable password 1234






ip subnet-zero

no ip routing





interface FastEthernet0/0

 ip address

 no ip route-cache

 no ip mroute-cache

 speed auto


 no cdp enable


interface Serial0/0

 no ip address

 no ip route-cache

 no ip mroute-cache



ip classless

no ip http server



line con 0

 exec-timeout 0 0

 transport input none

line aux 0

line vty 0 4

 password 12345






PIX Version 6.3(5)

interface ethernet0 auto

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password RLPMUQ26KL4blgFN encrypted

passwd PLBb27eKLE1o9FTB encrypted

hostname pix


fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69


pager lines 24

mtu outside 1500

mtu inside 1500

ip address outside

ip address inside

ip audit info action alarm

ip audit attack action alarm

pdm history enable

arp timeout 14400

global (outside) 1 interface

nat (inside) 1 0 0

route outside 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout sip-disconnect 0:02:00 sip-invite 0:03:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

http server enable

http inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet inside

telnet timeout 5

ssh timeout 5

console timeout 0

terminal width 80


: end


Open in new window

Question by:davidummel
    LVL 7

    Expert Comment

    How are you testing connectivity?  Ping?  By default, PIX won't answer ping on an outside interface.


    Author Comment

    I dont have link lights on either device. I know the link lites work on both devices with other tests.
    LVL 7

    Expert Comment

    Are you using a crossover Ethernet cable?

    Author Comment

    I am using the same type of ethernet cable that i have a 5510asa and 2811 connected with
    LVL 7

    Accepted Solution

    ASA 5510 has auto MDI/MDI-X ethernet cable flipping, 501 does not.  You need a crossover cable or a hub/switch between them.

    Author Closing Comment

    BAH! so crazy.
    yes you are right, i made a crossover and life is suddenly good again. thank you for your help.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
    The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now