New to Cisco routers and stumped

[Madcap07]

Hope there's a kind soul that can set me on the right path on the issue I'm experiecing, I'm new to Cisco routers and their configurations and have to admit don't have a deep understanding of routing in general. Here's my situation. My company owns a block of IP addresses. We have a main Cisco 1750 router that hosts them and then we map some of them to other Cisco Pixs. One of the I have the following mapping, 12.44.28.10 is the IP I'm using which maps to 192.168.2.12 as the outside interface on the Pix501 which in turns maps to 192.168.25.x on the internal interface. We registered a new domain for use with this configuration and all the DNS entries on the DRS have been updated accordingly.

From the Windows Server 2003 SBS I can go out to the Internet without a problem from behind the Pix501 but try as I may, this server will be hosting a Website, Exchange, FTP etc. can't get any traffic to come in.

Any help will be greatly appreciated...

 

[KiscoKid]

I may be misunderstanding your setup but it sounds a bit complicated to me. Am I right in thinking you are performing Network Address Translation (NAT) on the 1750 and NAT again on the PIX's?

If so, this seems overly-complex solution for what you want to achieve and I can't see what benefit you gain from it. My recommendation would be to push all the NAT back onto the PIX and give your 1750 one public IP and your PIX another public IP. They you can create NAT, PAT or port forwarding rules on the PIX for each and every service you want visibile from the outside.

 

[Madcap07]

Hey Kisko: I agree in principle with you, unfortunately I've inherited this setup and am just trying to add segments to it, I thought your comment was right on the money but I have to deal with this multiheaded monster and come up with a solution...thanks again though.

 

[jpm121]

In this case, Change Is Good. Kisco is right, you don't want to deal with NATx2 -- even when it's set up right it doesn't always work well. It's also way less efficient - try using that argument if anyone complains! All the wires stay the same, just you let the router do what a router is supposed to do, and the PIX does what it's supposed to do (the way it's supposed to do it).

Someone here will help with configs if you need it.

 

[Madcap07]

Hey jpm, can't argue with your logic either, mercifully, after a very time consuming and painful line by line comparison, I realized where my configuration mistake was made...you're right, Natx2 is pure hell, but it's working now...appreciate the offer for someone to help with the configuration, as usual, we can attribute this to a novice's lack of knowledge, looks like a new challenge is before me to at least get my CCNA, because, tough as it has been, I've felt "challenged" by my lack of knowledge in this area.

Thanks again to you and Kisco both...

 

[yoja]

I want to print out the config file for my routers. For the life of me I can't remember how to do that. Can anyone clue me in?

 

[jneiberger]

yoja, just copy your config into a text file and print it.