ra170 11-22-2010 02:08 AM

pix 501 - routing from pix subnet to another (dir-655) question
I have pix 501 cisco firewall with internal ip ``
I have connected d-link router (dir-655) to that pix 501.
This d-link router has internal `ip`

The picture would like something like that:
|pix 501| has ip
|DIR-655| has ip

1. |cable modem|----|pix 501|-------|DIR-655|-----PC
2. PC--------|pix 501|---------|DIR-655|
|cable modem|

When I'm on the wireless network (dir-655) with assigned ip of `192.168.0.x` I can cross the subnet and connect to my firewall `` (pic. 1)

The problem is that if I'm on the `192.168.10.x` network I can't connect to anything over at `192.168.0.x` network. (pic.2)

I've tried entering a static route like this:
`route inside 1`
But still, can't connect to or anything on that subnet.

Is there a way to setup a static route? or do I need access-list? or ip address (entry) ?
Do I need to add separate router between PIX 501 and DIR-655?

I would think that static route like this should take care of it, but it doesn't.

This is my route config and nat:
(config)# sh route
outside (outside_IP) 1 DHCP static
outside (outside_IP) (outside_IP) 1 CONNECT static
inside 1 OTHER static
inside 1 CONNECT static

(config)# sh nat
nat (inside) 1 0 0
nat (inside) 1 0 0
nat (inside) 1 0 0

I would really appreciate some help! Thanks.

ra170 11-22-2010 04:46 AM

I also tried a route like this.
I edited configuration on the d-link DIR-655 and set it up with static ip of (as the outside wan ip)

then on pix 501 I've entered route:

inside 1 OTHER static

but still it doesn't work.

