Re: PIX FireWall and SBS

From: Duane Murphy (duane_at_m-i-s.com)
Date: 02/19/05 

Date: Sat, 19 Feb 2005 11:36:31 -0800

I have tried opening the website for 2 days now and it seems to be dead. Any
alternate address to get the mentioned informaiton?

"Stuart Mackie [MCSE MCSA]" <newsgroups@--REMOVE_THIS-NO_SPAM--stu.uk.com>
wrote in message news:%23OGmfXbFFHA.2676@TK2MSFTNGP12.phx.gbl...
> Hi Duane. I would advise using the dual nic setup with SBS2k3 and the
> PIX. Its unfortunate you are unable to use ISA since you will have no way
> in controlling access to the internet. www.smallbizserver.net has example
> network configurations for two nics and a router which will show the IP
> requirements. You server would be configured to use the PIX as a gateway,
> and the workstations would use the server internal nic as a gateway.
>
> PIX -- Server Ext Nic
> |
> Server Int Nic -- Switch -- Workstations
>
>
> To configure your PIX for use with a DSL PPoE DHCP connection use the
> commands below in CONFIG mode :
>
> ip address outside pppoe setroute
> ip address inside 192.168.1.1 255.255.255.0
> vpdn group ISP request dialout pppoe
> vpdn group ISP ppp authentication pap
> vpdn group ISP localname [dsl-username]
> vpdn username [dsl-username] password [dsl-password]
>
> global (outside) 1 interface
> nat (inside) 1 192.168.1.1 255.255.255.0 0 0
>
>
> Replace the dsl-username and dsl-password with appropriate details from
> your ISP. The IP addresses referring to the internal side of the PIX may
> also need to change depending on what you are currently using.
>
> If Earthlink do not use PPoE the configuration above won't be usable.
>
>
> If you would like to post your current configuration before making any
> changes I will post the list of commands to use rather than just the whole
> configuration ? (at the CLI type 'show running' remove any usernames or
> passwords before posting)
>
> --
> Hth,
> Stuart Mackie
> www.stu.uk.com
> MCSA: & MCSE: Security
>
>
> "Duane Murphy" <DuaneMurphy@discussions.microsoft.com> wrote in message
> news:954C5DBA-D5C8-4509-BC17-65D7370C6028@microsoft.com...
>> We have a single NIC in the server.
>> The dsl as I understand in ethernet in, provided by Earthlink. (Will
>> verify
>> more Friday AM when I confrence with the installing engineer of the DSL)
>> Most of the configureation has been done via the Web Interface. I have no
>> issue with the CLI if I know what commands to issue.
>>
>> "Stuart Mackie [MCSE MCSA]" wrote:
>>
>>> Hi Duane. Cisco Support is absolutely great, but I'm a little unsure if
>>> they haven't misunderstood your problem. As far as I understand a PIX
>>> can
>>> handle a dynamic external IP without having to act as DHCP for the
>>> internal
>>> network.
>>>
>>> Can you provide more information on how many network cards you have in
>>> your
>>> server, and the configuration requirements of your DSL line such as PPoE
>>> or
>>> PPoA etc ? Also, how are you configuring the PIX, through the web
>>> interface
>>> or via the CLI ?
>>>
>>> --
>>> Hth,
>>> Stuart Mackie
>>> www.stu.uk.com
>>> MCSA: & MCSE: Security
>>>
>>>
>>> "Duane Murphy" <DuaneMurphy@discussions.microsoft.com> wrote in message
>>> news:EA2B62F5-CE8C-4696-9994-DB6D2D3831AE@microsoft.com...
>>> > We have a single DSL connection terminating to a Cisco PIX box with a
>>> > Dymanic
>>> > IP on the out side, and according to Cisco need to provide DHCP to all
>>> > inside
>>> > machines (2 workstations & 1 Win2K3 Single honed Server)
>>> >
>>> > When I let the PIX box provide DHCP the everybody can see the internet
>>> > and
>>> > initially the Win2K3 server via IP. We can NOT see the MyCompany
>>> > Website,
>>> > and
>>> > we see delays when trying to open documents 3-4 minutes.
>>> >
>>> > When we Enable DHCP on the Win2k3 server we can access the MyCompany
>>> > Website, and docs seem to open imeadietely, however we lose access to
>>> > the
>>> > web.
>>> >
>>> > Cisco tells me that because of the Dynamic IP on the outside of the
>>> > Firewall
>>> > it must provide DHCP to the internal stations, or the firewall block
>>> > traffice
>>> > from going out. We have put in a request for a Static IP but that will
>>> > not
>>> > be
>>> > provisioned for up to 3 weeks.
>>> >
>>> > Any suggestions? I was told maybe an entry in the host file on the XP
>>> > workstations pointing back to the Win2K3 server?
>>> >
>>> > Thanks Duane
>>>
>>>
>>>
>
>

Relevant Pages

  • Re: PIX FireWall and SBS
    ... >> PIX. ... >> in controlling access to the internet. ... >> vpdn group ISP ppp authentication pap ... >> If Earthlink do not use PPoE the configuration above won't be usable. ...
    (microsoft.public.windows.server.sbs)
  • Re: PIX FireWall and SBS
    ... Allow users access to the server housed documents via VPN ... > network configurations for two nics and a router which will show the IP ... You server would be configured to use the PIX as a gateway, ... > If Earthlink do not use PPoE the configuration above won't be usable. ...
    (microsoft.public.windows.server.sbs)
  • Re: PIX FireWall and SBS
    ... I would advise using the dual nic setup with SBS2k3 and the PIX. ... network configurations for two nics and a router which will show the IP ... and the workstations would use the server internal nic as a gateway. ... If Earthlink do not use PPoE the configuration above won't be usable. ...
    (microsoft.public.windows.server.sbs)
  • Re: restore factory defaults
    ... To reset the PIX Firewall to factory default, log into the PIX, erase ... Password Recovery and AAA Configuration Recovery Procedure for the PIX ... fixup protocol http 80 ...
    (comp.dcom.sys.cisco)
  • Make kernel error nr. 1
    ... I get an error when i make the kernel. ... # GENERIC -- Generic kernel configuration file for FreeBSD/i386 ... # To support HyperThreading, HTT is needed in addition to SMP and APIC_IO ... # PCI Ethernet NICs that use the common MII bus controller code. ...
    (freebsd-questions)