PIX 501 firewall configuration: PIX configuration

VARs can use this tip to walk them through the basic configuration of Cisco's PIX firewall.

What I am calling basic configuration is made up of five things:

  • Set the hostname
  • Set passwords (login and enable)
  • Configure IP addresses on interfaces
  • Enable interfaces
  • Configure a default route

Before you can do any of these things, you need to go into global configuration mode. To do this, type:


pixfirewall# config t

To set the hostname, use the hostname command, like this:


pixfirewall(config)# hostname PIX1

Notice that the prompt changed to the name that you set.

Next, set the login password to cisco, like this:


PIX1(config)# password cisco

This is the password required to gain any access to the PIX except administrative access.

Now, configure the enable mode password, used to gain administrative mode access.


PIX1(config)# enable password cisco

Next, configure IP addresses on interfaces and enable those interfaces. Unlike a router, PIX, has no concept of interface configuration mode. To configure the IP address on the inside interface, use this command:


PIX1(config)# ip address inside

Now, configure the outside interface IP address:

PIX1(config)# ip address outside

Next, enable both the inside and outside interfaces. Make sure that the Ethernet cable, on each interface, is connected to a switch. Note that the ethernet0 interface is the outside interface, and it is only a 10base-T interface on a PIX 501. The ethernet1 interface is the inside interface, and it is a 100Base-T interface. Here is how you enable these interfaces:


PIX1(config)# interface ethernet0 10baset
PIX1(config)# interface ethernet1 100full 

Note you can do a show interfaces command, right from the global configuration prompt line.

Lastly, we'll configure a default route so that all traffic sent to the PIX will flow to the next upstream router (the IP address that we were given). Here is how you do this:


PIX1(config)# route outside 0 0 

The PIX firewall can, of course, support dynamic routing protocols as well (such as RIP and OSPF).

Now, let's move on to some more advanced configuration.

PIX firewall configuration

 Step 1: The basics
 Step 2: Guidelines
 Step 3: Configuration setup
 Step 4: PIX configuration
 Step 5: Network address translation
 Step 6: Firewall rules
 Step 7: Showing and saving configuration

David Davis
David Davis

About the author:
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.

This tip originally appeared on SearchNetworking.com.


Dig Deeper on Managed network security services