What I am calling basic configuration is made up of five things:
- Set the hostname
- Set passwords (login and enable)
- Configure IP addresses on interfaces
- Enable interfaces
- Configure a default route
Before you can do any of these things, you need to go into global configuration mode. To do this, type:
pixfirewall# config t pixfirewall(config)#
To set the hostname, use the hostname command, like this:
pixfirewall(config)# hostname PIX1 PIX1(config)#
Notice that the prompt changed to the name that you set.
Next, set the login password to cisco, like this:
PIX1(config)# password cisco PIX1(config)#
This is the password required to gain any access to the PIX except administrative access.
Now, configure the enable mode password, used to gain administrative mode access.
PIX1(config)# enable password cisco PIX1(config)#
Next, configure IP addresses on interfaces and enable those interfaces. Unlike a router, PIX, has no concept of interface configuration mode. To configure the IP address on the inside interface, use this command:
PIX1(config)# ip address inside 10.1.1.1 255.0.0.0 PIX1(config)#
Now, configure the outside interface IP address:
PIX1(config)# ip address outside 220.127.116.11 255.255.255.0 PIX1(config)#
Next, enable both the inside and outside interfaces. Make sure that the Ethernet cable, on each interface, is connected to a switch. Note that the ethernet0 interface is the outside interface, and it is only a 10base-T interface on a PIX 501. The ethernet1 interface is the inside interface, and it is a 100Base-T interface. Here is how you enable these interfaces:
PIX1(config)# interface ethernet0 10baset PIX1(config)# interface ethernet1 100full PIX1(config)#
Note you can do a show interfaces command, right from the global configuration prompt line.
Lastly, we'll configure a default route so that all traffic sent to the PIX will flow to the next upstream router (the 18.104.22.168 IP address that we were given). Here is how you do this:
PIX1(config)# route outside 0 0 22.214.171.124 PIX1(config)#
The PIX firewall can, of course, support dynamic routing protocols as well (such as RIP and OSPF).
Now, let's move on to some more advanced configuration.
PIX firewall configuration
Step 1: The basics
Step 2: Guidelines
Step 3: Configuration setup
Step 4: PIX configuration
Step 5: Network address translation
Step 6: Firewall rules
Step 7: Showing and saving configuration
About the author:
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.
This tip originally appeared on SearchNetworking.com.