Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   pix 501 - routing from pix subnet to another (dir-655) question (http://www.velocityreviews.com/forums/t738562-pix-501-routing-from-pix-subnet-to-another-dir-655-question.html)

ra170 11-22-2010 02:08 AM

pix 501 - routing from pix subnet to another (dir-655) question
 
I have pix 501 cisco firewall with internal ip `192.168.10.1.`
I have connected d-link router (dir-655) to that pix 501.
This d-link router has internal `ip 192.168.0.1`

The picture would like something like that:
|pix 501| has 192.168.10.1 ip
|DIR-655| has 192.168.0.1 ip

1. |cable modem|----|pix 501|-------|DIR-655|-----PC
2. PC--------|pix 501|---------|DIR-655|
|
|
|cable modem|

When I'm on the wireless network (dir-655) with assigned ip of `192.168.0.x` I can cross the subnet and connect to my firewall `192.168.10.1.` (pic. 1)

The problem is that if I'm on the `192.168.10.x` network I can't connect to anything over at `192.168.0.x` network. (pic.2)

I've tried entering a static route like this:
`route inside 192.168.0.0 255.255.255.0 192.168.10.1 1`
But still, can't connect to 192.168.0.1 or anything on that subnet.

Is there a way to setup a static route? or do I need access-list? or ip address (entry) ?
Do I need to add separate router between PIX 501 and DIR-655?

I would think that static route like this should take care of it, but it doesn't.

This is my route config and nat:
(config)# sh route
outside 0.0.0.0 0.0.0.0 (outside_IP) 1 DHCP static
outside (outside_IP) 255.255.248.0 (outside_IP) 1 CONNECT static
inside 192.168.0.0 255.255.255.0 192.168.10.1 1 OTHER static
inside 192.168.10.0 255.255.255.0 192.168.10.1 1 CONNECT static

(config)# sh nat
nat (inside) 1 192.168.1.0 255.255.255.0 0 0
nat (inside) 1 192.168.10.0 255.255.255.0 0 0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

I would really appreciate some help! Thanks.

ra170 11-22-2010 04:46 AM

I also tried a route like this.
 
I edited configuration on the d-link DIR-655 and set it up with static ip of 192.168.10.30 (as the outside wan ip)

then on pix 501 I've entered route:

inside 192.168.0.0 255.255.255.0 192.168.10.30 1 OTHER static

but still it doesn't work.


All times are GMT. The time now is 04:27 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.