PIX 501 firewall configuration - The basics

The first step in a series on how to configure the Cisco PIX 501 firewall for small and midsized businesses, posted here courtesy of SearchNetworking.com.

A Cisco PIX firewall protects one network from another. In this example, we configure a PIX 501 firewall, which is meant for a small business.

PIX firewalls use the concept of an inside interface, which faces the internal, usually private, network, and an outside interface, which faces the external, usually public, network. The goal is to protect the inside network from the outside network.

These firewalls use the adaptive security algorithm (ASA), which assigns a security level to each interface and blocks traffic from a lower-level interface (like the outside interface) to a higher-level interface (like the inside interface) unless a rule allows it. The outside interface has a security level of zero and the inside interface has a security level of 100.

Here is what the output of the show nameif command looks like:

pixfirewall# show nameif
nameif ethernet0 outside security0
nameif ethernet1 inside security100

The ethernet0 interface is the outside interface (its default name) and the security level is 0. The ethernet1 interface is named inside (the default) and has a security level of 100.
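
The security-level rule can be checked mechanically against this output. The following Python is an added example, not part of the original article: it parses show nameif output, reports which traffic direction climbs to a higher security level and therefore needs an explicit rule, and flags interfaces whose level differs from the defaults described above. The function names are hypothetical.

```python
import re

# The `show nameif` output quoted in the article, embedded so this runs offline.
SAMPLE = """pixfirewall# show nameif
nameif ethernet0 outside security0
nameif ethernet1 inside security100
"""

# Defaults the article states for the two built-in interface names.
EXPECTED_LEVELS = {"outside": 0, "inside": 100}
NAMEIF_RE = re.compile(r"^nameif\s+(\S+)\s+(\S+)\s+security(\d+)$")


def parse_nameif(text):
    """Return {interface_name: (hardware_id, security_level)}."""
    interfaces = {}
    for line in text.splitlines():
        match = NAMEIF_RE.match(line.strip())
        if match is None:
            continue  # prompt line, blank line, or unrelated output
        hardware, name, level = match.group(1), match.group(2), int(match.group(3))
        if name in interfaces:
            raise ValueError(f"interface name {name!r} appears twice")
        interfaces[name] = (hardware, level)
    return interfaces


def needs_explicit_rule(interfaces, src, dst):
    """True when src -> dst climbs from a lower to a higher security level,
    the direction the article says is blocked unless a rule allows it."""
    return interfaces[src][1] < interfaces[dst][1]


def audit(interfaces):
    """List deviations from the levels the article gives for outside/inside."""
    findings = []
    for name, expected in EXPECTED_LEVELS.items():
        if name not in interfaces:
            findings.append(f"{name}: interface not defined")
        elif interfaces[name][1] != expected:
            findings.append(f"{name}: security{interfaces[name][1]}, expected security{expected}")
    return findings


if __name__ == "__main__":
    ifs = parse_nameif(SAMPLE)
    for src in ifs:
        for dst in ifs:
            if src != dst:
                verdict = "needs a rule" if needs_explicit_rule(ifs, src, dst) else "not blocked by level"
                print(f"{src} -> {dst}: {verdict}")
    print("audit:", audit(ifs) or "levels match the defaults")
```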

PIX firewall configuration

 Step 1: The basics
 Step 2: Guidelines
 Step 3: Configuration setup
 Step 4: PIX configuration
 Step 5: Network address translation
 Step 6: Firewall rules
 Step 7: Showing and saving configuration
David Davis

About the author
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.

This tip originally appeared on SearchNetworking.com.
