I currently have two servers in a datacentre (one Linux and one
Windows; another three servers will be added shortly, and they are all
running as webservers). I have a block of 64 IP addresses which are on
the same subnet. Each server has its own static IP address so that I
can connect to each server remotely and each server must show its IP
address when contacting outside the network (so no NAT). The servers
are currently protected by a Watchguard Firebox II firewall which was
very simple to set up. I simply plugged the Internet connection cable
to the External Interface, a Cisco Switch to the Internal Interface,
entered a single IP address, the default gateway and the subnet mask
for the Firebox and set up my rules (to allow http, https, ssh etc.).
I am replacing the Firebox with a Cisco Pix 515e firewall which is
obviously more difficult to configure. What I am looking for is a
basic guide to configuring the Pix to work in the same way as the
Firebox (I plan to use the PDM web-based interface).
There are two interfaces, internal and external and I am confused
about how I configure these (I was only asked for one IP address with
the Firebox). I need to ensure that the servers use their assigned
static IPs so do not want the Pix to assign IP addresses to the
servers etc. If you can provide a step by step guide to this type of
configuration it would be very helpful.
All of the sample configs that I can find seem to be based on having
an internal network rather than all remotely accessed webservers.
Incidentally, I also plan to administer the firewall remotely using the
PDM interface.