Re: urgent PIX help
Not that Im aware of. I thought you need (2) IPs to do NAT on a PIX (one for the external interface, and one for the NAT statement). I could be wrong...(it's happened before, once or twice! :) -Brad Ellis CCIE#5796 [EMAIL PROTECTED] used cisco hardware: www.optsys.net cisco certification newsgroup: news://news.optsys.net/cisco.certification "Jim Bond" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, > > I have only 1 ip address assigned by my ISP, how can I > use PIX to do NAT? Looks like PIX requires at least 2 > outside ip addresses, one for outside interface, one > for PAT. Is there a way to use only 1 ip address? > > Thanks in advance. > > > Jim > > __ > Do You Yahoo!? > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! > http://photos.yahoo.com/ > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: urgent PIX help
In the new version of PIX software 5.2(1) you can nat to an interface. Instead of the old command "global (outside) 1 x.x.x.x" use the command " global (outside) 1 interface ". You can read up on this new feature at: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.htm#xtocid752631 I hope this helps. Todd CCNP/CCDP Jim Bond wrote: > Hello, > > I have only 1 ip address assigned by my ISP, how can I > use PIX to do NAT? Looks like PIX requires at least 2 > outside ip addresses, one for outside interface, one > for PAT. Is there a way to use only 1 ip address? > > Thanks in advance. > > Jim > > __ > Do You Yahoo!? > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! > http://photos.yahoo.com/ > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: urgent PIX help
PIX 5.21 code is out now. It supports hiding behind interface IP address. Sam > Hello, > > I have only 1 ip address assigned by my ISP, how can I > use PIX to do NAT? Looks like PIX requires at least 2 > outside ip addresses, one for outside interface, one > for PAT. Is there a way to use only 1 ip address? > > Thanks in advance. > > > Jim > > __ > Do You Yahoo!? > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! > http://photos.yahoo.com/ > > ___ > To unsubscribe from the CCIELAB list, send a message to > [EMAIL PROTECTED] with the body containing: > unsubscribe ccielab > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: urgent PIX help
> I have only 1 ip address assigned by my ISP, how can I use > PIX to do NAT? Looks like PIX requires at least 2 outside ip > addresses, one for outside interface, one for PAT. Is there a > way to use only 1 ip address? PIX software 5.2(1) allows you to do this, sort of like the IOS 'overload' parameter to the 'ip nat' command. Try this nat (inside) 1 0 0 global (outside) 1 interface HTH, -A -- Heroes: Vint Cerf & Bob Kahn, Leonard Kleinrock, Robert Metcalfe Links : http://www.hojmark.org/networking/ **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: urgent PIX help AGAIN
Thank you! One more question: when I configure PIX as DHCP server, it only allows 10 addresses in the pool. Here is what I got: pixfirewall(config)# dhcpd address 10.1.1.101-10.1.1.150 inside Number of addresses exceeds limit Is 10 max? Thanks in advance. Jim --- Todd Plambeck <[EMAIL PROTECTED]> wrote: > In the new version of PIX software 5.2(1) you can > nat to an interface. > Instead of the old command "global (outside) 1 > x.x.x.x" use the command > " global (outside) 1 interface ". You can read up on > this new feature at: > > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.htm#xtocid752631 > > I hope this helps. > > Todd > CCNP/CCDP > > Jim Bond wrote: > > > Hello, > > > > I have only 1 ip address assigned by my ISP, how > can I > > use PIX to do NAT? Looks like PIX requires at > least 2 > > outside ip addresses, one for outside interface, > one > > for PAT. Is there a way to use only 1 ip address? > > > > Thanks in advance. > > > > Jim > > > > __ > > Do You Yahoo!? > > Yahoo! Photos - 35mm Quality Prints, Now Get 15 > Free! > > http://photos.yahoo.com/ > > > > **NOTE: New CCNA/CCDA List has been formed. For > more information go to > > http://www.groupstudy.com/list/Associates.html > > _ > > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: > http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > __ Do You Yahoo!? Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! http://photos.yahoo.com/ **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: urgent PIX help AGAIN
I just installed a PIX-506 and 10 was the max. I believe, though am not certain, this is the case accross all hardware platforms running 5.2 software. HTH Greg "Jim Bond" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Thank you! > > One more question: when I configure PIX as DHCP > server, it only allows 10 addresses in the pool. > Here is what I got: > > pixfirewall(config)# dhcpd address > 10.1.1.101-10.1.1.150 inside > Number of addresses exceeds limit > > Is 10 max? > > Thanks in advance. > > > > Jim > > --- Todd Plambeck <[EMAIL PROTECTED]> wrote: > > In the new version of PIX software 5.2(1) you can > > nat to an interface. > > Instead of the old command "global (outside) 1 > > x.x.x.x" use the command > > " global (outside) 1 interface ". You can read up on > > this new feature at: > > > > > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.h tm#xtocid752631 > > > > I hope this helps. > > > > Todd > > CCNP/CCDP > > > > Jim Bond wrote: > > > > > Hello, > > > > > > I have only 1 ip address assigned by my ISP, how > > can I > > > use PIX to do NAT? Looks like PIX requires at > > least 2 > > > outside ip addresses, one for outside interface, > > one > > > for PAT. Is there a way to use only 1 ip address? > > > > > > Thanks in advance. > > > > > > Jim > > > > > > __ > > > Do You Yahoo!? > > > Yahoo! Photos - 35mm Quality Prints, Now Get 15 > > Free! > > > http://photos.yahoo.com/ > > > > > > **NOTE: New CCNA/CCDA List has been formed. For > > more information go to > > > http://www.groupstudy.com/list/Associates.html > > > _ > > > UPDATED Posting Guidelines: > > http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > > __ > Do You Yahoo!? > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! > http://photos.yahoo.com/ > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: urgent PIX help AGAIN
YES. PIX506 is made for small office with less than 10 computers. If you have more, keep DHCP services on your NT or Novell server. Sam > Thank you! > > One more question: when I configure PIX as DHCP > server, it only allows 10 addresses in the pool. > Here is what I got: > > pixfirewall(config)# dhcpd address > 10.1.1.101-10.1.1.150 inside > Number of addresses exceeds limit > > Is 10 max? > > Thanks in advance. > > > > Jim > > --- Todd Plambeck <[EMAIL PROTECTED]> wrote: > > In the new version of PIX software 5.2(1) you can > > nat to an interface. > > Instead of the old command "global (outside) 1 > > x.x.x.x" use the command > > " global (outside) 1 interface ". You can read up on > > this new feature at: > > > > > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.h tm#xtocid752631 > > > > I hope this helps. > > > > Todd > > CCNP/CCDP > > > > Jim Bond wrote: > > > > > Hello, > > > > > > I have only 1 ip address assigned by my ISP, how > > can I > > > use PIX to do NAT? Looks like PIX requires at > > least 2 > > > outside ip addresses, one for outside interface, > > one > > > for PAT. Is there a way to use only 1 ip address? > > > > > > Thanks in advance. > > > > > > Jim > > > > > > __ > > > Do You Yahoo!? > > > Yahoo! Photos - 35mm Quality Prints, Now Get 15 > > Free! > > > http://photos.yahoo.com/ > > > > > > **NOTE: New CCNA/CCDA List has been formed. For > > more information go to > > > http://www.groupstudy.com/list/Associates.html > > > _ > > > UPDATED Posting Guidelines: > > http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > > __ > Do You Yahoo!? > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! > http://photos.yahoo.com/ > > ___ > To unsubscribe from the CCIELAB list, send a message to > [EMAIL PROTECTED] with the body containing: > unsubscribe ccielab > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: urgent PIX help AGAIN
> One more question: when I configure PIX as DHCP server, it > only allows 10 addresses in the pool. > Is 10 max? Yes, 10 is max. It's in the command reference. The PIX wasn't meant to be a large-scale DHCP server. It's a firewall and if you need extensive DHCP server capabilities, you should run that on another platform. -A -- Heroes: Vint Cerf & Bob Kahn, Leonard Kleinrock, Robert Metcalfe Links : http://www.hojmark.org/networking/ **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]