O'Reilly logo

Virtual Private Networks, Second Edition by Paul Wolfe, Charlie Scott, Mike Erwin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The PIX in Action

Figure 9-1 is a diagram of where to install the PIX firewall on a standard network topological map.

A typical PIX firewall setup

Figure 9-1. A typical PIX firewall setup

Functionally, the PIX firewall is set up much like a packet filtration router. The two Ethernet interfaces are labeled “outside” and “inside” for the two networks that you will need to connect it to. In Figure 9-1, the PIX firewall is situated on the “perimeter network” between the internal router and the external router. You will notice that the only machine connecting both networks is the PIX firewall. By funneling traffic through the PIX, you can construct an effective security gateway.

For the purpose of illustrating some of the sample configurations in this chapter, we will assume that the topology of our network looks like the one depicted in Figure 9-2.

A test network for our initial configuration

Figure 9-2.  A test network for our initial configuration

ISP Assigned Addresses (Global Pool)

To create the dynamic address translation slots that we referred to earlier, which will be used to map internal addresses into external ones, we need to get a NIC registered network allocated to us, and have it routed to the PIX firewall. In Figure 9-2, the global pool our Internet service provider has provided to us for our tests is a small network comprised of only eight machines. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required