Home > Others

Configure Cisco PIX Firewall for dual export

Source: Internet
Author: User
Tags firewall
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

First, the user needs

The user has a Cisco PIX 515E firewall, a netcom's export, and a telecom export. Now to implement the default are to go out of the telecommunications line, and access to Netcom's Web site using Netcom's line out.

Ii. Key points of implementation

1, the first to collect Netcom's IP network segment (this can be searched on the network, or telecom friends want a);

2, in the routing aspect, because the Cisco PIX is biased to the function of the firewall, so the PIX in the routing is relatively weak to be implemented through policy routing, where I used the default route to set up a telecommunications gateway, while adding a network of netcom IP static routes. This achieves the trend of two export routes.

3, in the area of NAT, to configure two Nat, one of which is to switch to Netcom's export IP, the other is to telecommunications to convert to the export of telecommunications IP, this NAT should be Netcom's NAT to configure in front of the telecommunications NAT, otherwise it will not be achieved.

CISCO pix Dual Export configuration

3.1 Environment Description

nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet5 teloutside security0
ip address outside 224.254.14.164 255.255.255.0
ip address inside 192.168.0.1 255.255.255.0
ip address teloutside 202.99.114.91 255.255.255.128
#备注:outside为网通线路出口;teloutside为电信线路出口;inside为内网接口;

3.2 Dual Export implementation

A, netcom IP network segment definition

Object-group Network Wtnetwork
Network-object 58.16.0.0 255.248.0.0
Network-object 58.100.0.0 255.254.0.0
Network-object 58.240.0.0 255.240.0.0
Network-object 60.0.0.0 255.248.0.0
Network-object 60.8.0.0 255.252.0.0
Network-object 60.12.0.0 255.255.0.0
Network-object 60.13.0.0 255.255.192.0
Network-object 60.13.128.0 255.255.128.0
Network-object 60.16.0.0 255.240.0.0
Network-object 60.24.0.0 255.248.0.0
Network-object 60.31.0.0 255.255.0.0
Network-object 60.208.0.0 255.248.0.0
Network-object 60.216.0.0 255.254.0.0
Network-object 60.220.0.0 255.252.0.0
Network-object 61.48.0.0 255.252.0.0
Network-object 61.52.0.0 255.254.0.0
Network-object 61.54.0.0 255.255.0.0
Network-object 61.55.0.0 255.255.0.0
Network-object 61.133.0.0 255.255.128.0
Network-object 61.134.64.0 255.255.192.0
Network-object 61.134.128.0 255.255.128.0
Network-object 61.135.0.0 255.255.0.0
Network-object 61.136.0.0 255.255.0.0
Network-object 61.138.0.0 255.255.128.0
Network-object 61.139.128.0 255.255.192.0
Network-object 61.148.0.0 255.255.0.0
Network-object 61.149.0.0 255.255.0.0
Network-object 61.156.0.0 255.255.0.0
Network-object 61.158.0.0 255.255.0.0
Network-object 61.159.0.0 255.255.192.0
Network-object 61.161.0.0 255.255.192.0
Network-object 61.161.128.0 255.255.128.0
Network-object 61.162.0.0 255.255.0.0
Network-object 61.163.0.0 255.255.0.0
Network-object 61.167.0.0 255.255.0.0
Network-object 61.168.0.0 255.255.0.0
Network-object 61.176.0.0 255.255.0.0
Network-object 61.179.0.0 255.255.0.0
Network-object 61.180.128.0 255.255.128.0
Network-object 61.181.0.0 255.255.0.0
Network-object 61.182.0.0 255.255.0.0
Network-object 61.189.0.0 255.255.128.0
Network-object 124.90.0.0 255.254.0.0
Network-object 124.162.0.0 255.255.0.0
Network-object 202.32.0.0 255.224.0.0
Network-object 202.96.64.0 255.255.224.0
Network-object 202.97.128.0 255.255.128.0
Network-object 202.98.0.0 255.255.224.0
Network-object 202.99.0.0 255.255.0.0
Network-object 202.102.128.0 255.255.192.0
Network-object 202.102.224.0 255.255.254.0
Network-object 202.106.0.0 255.255.0.0
Network-object 202.107.0.0 255.255.128.0
Network-object 202.108.0.0 255.255.0.0
Network-object 202.110.0.0 255.255.128.0
Network-object 202.110.192.0 255.255.192.0
Network-object 202.111.128.0 255.255.192.0
Network-object 203.79.0.0 255.255.0.0
Network-object 203.80.0.0 255.255.0.0
Network-object 203.81.0.0 255.255.224.0
Network-object 203.86.32.0 255.255.224.0
Network-object 203.86.64.0 255.255.224.0
Network-object 203.90.0.0 255.255.128.0
Network-object 203.90.128.0 255.255.192.0
Network-object 203.90.192.0 255.255.224.0
Network-object 203.92.0.0 255.254.0.0
Network-object 210.12.0.0 255.255.128.0
Network-object 210.12.192.0 255.255.192.0
Network-object 210.13.0.0 255.255.255.0
Network-object 210.14.160.0 255.255.224.0
Network-object 210.14.192.0 255.255.192.0
Network-object 210.15.0.0 255.255.128.0
Network-object 210.15.128.0 255.255.192.0
Network-object 210.16.128.0 255.255.192.0
Network-object 210.21.0.0 255.255.0.0
Network-object 210.22.0.0 255.255.0.0
Network-object 210.51.0.0 255.255.0.0
Network-object 210.52.0.0 255.254.0.0
Network-object 210.52.128.0 255.255.128.0
Network-object 210.53.0.0 255.255.0.0
Network-object 210.74.64.0 255.255.192.0
Network-object 210.74.128.0 255.255.192.0
Network-object 210.78.0.0 255.255.224.0
Network-object 210.82.0.0 255.254.0.0
Network-object 211.100.0.0 255.255.0.0
Network-object 211.101.0.0 255.255.192.0
Network-object 211.147.0.0 255.255.0.0
Network-object 211.167.96.0 255.255.224.0
Network-object 218.4.0.0 255.252.0.0
Network-object 218.10.0.0 255.254.0.0
Network-object 218.21.128.0 255.255.128.0
Network-object 218.24.0.0 255.254.0.0
Network-object 218.26.0.0 255.255.0.0
Network-object 218.27.0.0 255.255.0.0
Network-object 218.28.0.0 255.254.0.0
Network-object 218.56.0.0 255.252.0.0
Network-object 218.60.0.0 255.254.0.0
Network-object 218.62.0.0 255.255.128.0
Network-object 218.67.128.0 255.255.128.0
Network-object 218.68.0.0 255.254.0.0
Network-object 218.109.159.0 255.255.255.0
Network-object 219.141.128.0 255.255.128.0
Network-object 219.142.0.0 255.254.0.0
Network-object 219.154.0.0 255.254.0.0
Network-object 219.156.0.0 255.254.0.0
Network-object 219.158.0.0 255.255.0.0
Network-object 219.159.0.0 255.255.192.0
Network-object 220.248.0.0 255.252.0.0
Network-object 220.252.0.0 255.255.0.0
Network-object 221.0.0.0 255.252.0.0
Network-object 221.4.0.0 255.254.0.0
Network-object 221.6.0.0 255.255.0.0
Network-object 221.7.128.0 255.255.128.0
Network-object 221.8.0.0 255.254.0.0
Network-object 221.10.0.0 255.255.0.0
Network-object 221.11.0.0 255.255.128.0
Network-object 221.12.0.0 255.252.0.0
Network-object 221.12.0.0 255.255.128.0
Network-object 221.12.128.0 255.255.192.0
Network-object 221.192.0.0 255.252.0.0
Network-object 221.195.0.0 255.255.0.0
Network-object 221.196.0.0 255.254.0.0
Network-object 221.199.0.0 255.255.224.0
Network-object 221.199.32.0 255.255.240.0
Network-object 221.199.128.0 255.255.192.0
Network-object 221.199.192.0 255.255.240.0
Network-object 221.200.0.0 255.252.0.0
Network-object 221.204.0.0 255.254.0.0
Network-object 221.207.0.0 255.255.192.0
Network-object 221.208.0.0 255.240.0.0
Network-object 221.208.0.0 255.252.0.0
Network-object 221.213.0.0 255.255.0.0
Network-object 221.214.0.0 255.254.0.0
Network-object 222.128.0.0 255.252.0.0
Network-object 222.132.0.0 255.252.0.0
Network-object 222.136.0.0 255.248.0.0
Network-object 222.160.0.0 255.252.0.0
Network-object 222.163.0.0 255.255.224.0



This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
cisco pix 501 firewall cisco pix 515e firewall pix firewall cisco pix cisco pix 535 cisco pix 501 cisco pix configuration

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More