求助：我的PIX为什么这么配置还不能用~上不了网

PIX配置好后连接交换机，再用了台PC连接交换机，PC和PIX再一个网段，但是ping的通联通给的地址,ping不通外网的网关，更别提网站了。配置如下
$ n; S0 d! m1 P# a9 T& L# RPIX Version 6.3(3)
8 O( w$ K, x$ x3 a6 Y" {interface ethernet0 auto
interface ethernet1 auto
6 `* V$ r& _: t' F# A- wnameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
* f8 H/ {3 M1 `8 N! Cpasswd 2KFQnbNIdI.2KYOU encrypted
hostname pix515e
domain-name aubridgegroup.com
2 o+ Y- R  X* i" X" u# }  ufixup protocol dns maximum-length 512
6 a. g7 s# I; K0 s# h+ bfixup protocol ftp 21
1 D, F' V+ B! D- s, Q" @9 `fixup protocol h323 h225 1720
# w) a* Z( d% x' Zfixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
  t' E# }% B3 Y8 Yfixup protocol sip 5060
0 t& C' `  }# q0 z; E! q2 q$ Z8 _fixup protocol sip udp 5060
fixup protocol skinny 2000
/ S& z, n" U0 l5 i. e# A' lfixup protocol smtp 25
$ T0 h, z+ {: e6 tfixup protocol sqlnet 1521
$ [( D* b; x  rfixup protocol tftp 69
# g* I/ a' i7 K. P, v% @' W! a, knames
access-list 80 permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
2 x% W# J4 e: _4 d" R' xaccess-list 101 permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
) G1 P6 p+ W/ w6 N7 b1 G4 @8 W, eaccess-list 101 permit icmp 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list 102 permit icmp any any
! z5 x) O: s1 M& T# v7 U3 q5 @access-list 103 permit ip any 112.64.141.0 255.255.255.0
pager lines 24
mtu outside 1500
5 m5 {- P$ x: d+ n" kmtu inside 1500
ip address outside 112.64.141.122 255.255.255.0
ip address inside 192.168.2.15 255.255.255.0
  _7 v9 [: _' J  i- Bip audit info action alarm
2 W2 f3 _" G! [! k9 j1 dip audit attack action alarm
ip local pool dialerl 192.168.2.241-192.168.2.249
pdm history enable
arp timeout 14400
+ q' w' ?, z7 g) J" Jglobal (outside) 1 interface
% K: j' b! v+ ]$ [* }" knat (inside) 1 0.0.0.0 0.0.0.0 0 0
  W* `" H1 n0 o2 k& u! T( maccess-group 80 in interface outside
+ g$ k" i; _* s" utimeout xlate 3:00:00
4 e: `* J' `* Q/ |timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
. {2 a4 i' p+ C2 Ptimeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
; n# p, @; I0 Baaa-server LOCAL protocol local
: ?$ e6 m6 z4 {( jno snmp-server location
6 }) A! Q$ K. Kno snmp-server contact
snmp-server community public
no snmp-server enable traps
* ?: T$ d0 K; k- {! A: i& l1 U1 s! g2 pfloodguard enable
telnet timeout 5
0 f/ U! F/ e* R9 Fssh timeout 5
console timeout 0
) _2 W6 g2 L; P3 R3 U" W1 ~  Lterminal width 80
' U3 L3 w0 o8 t. c! w6 x7 kCryptochecksum:3ce5c7f1d4ffa817ec7e6890d7b5b299
! u1 P+ G# [1 x0 z( Q. I2 X: end

补充：route outside 0.0.0.0 0.0.0.0 112.64.141.121 1这条加了也不能上

看不懂呀。。。

什么看不懂？我表达不清？

来学习了.

inside 没有做访问列表，outside 的改成access-list 80 permit ip any any  试一下。

谢谢，我去试试

试过了~下面那个样还是没用。
PIX Version 6.3(3)
9 B% m+ J. R& g  G4 g/ g: pinterface ethernet0 auto
5 h8 e6 B; J7 Finterface ethernet1 auto
interface ethernet2 auto shutdown
nameif ethernet0 outside security0
nameif ethernet1 inside security100
# i, c+ [  P1 k! e+ ]nameif ethernet2 intf2 security4
; a- |! s* @8 Z( Y9 Q4 J2 cenable password 8Ry2YjIyt7RRXU24 encrypted
  T# p% Q$ j; R: f4 y) Opasswd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
) n, G9 k) u* f: P+ a. J4 S& bfixup protocol dns maximum-length 512
3 G; ^# F$ D, j" {3 _2 L& ^' ?fixup protocol ftp 21
fixup protocol h323 h225 1720
; p1 {! `8 h# ~% q  j6 }" nfixup protocol h323 ras 1718-1719
" Y  a6 F  p2 @1 u; z  U7 vfixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
& T' ?" B! v! gfixup protocol sqlnet 1521
; l  h/ V, S7 j% z9 b4 x" y/ Tfixup protocol tftp 69
; O. p# b- {# q+ i. M+ V) Nnames
0 O3 q: M& R5 Saccess-list 80 permit ip any any
6 U& n8 K0 {" Jaccess-list 101 permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list 101 permit icmp 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list 102 permit icmp any any
access-list 103 permit ip any 112.64.141.0 255.255.255.0
, |' A" c0 a2 o; q# T8 }pager lines 24
! E3 p& {& ^! a; tmtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 112.64.141.122 255.255.255.0
' l4 B3 v$ V- [: w7 Yip address inside 192.168.2.3 255.255.255.0
no ip address intf2
ip audit info action alarm
ip audit attack action alarm
pdm history enable
4 l* @9 I; Q& v8 @; Parp timeout 14400
global (outside) 1 interface
8 _1 V# ?( I2 @0 t1 G/ D: w, E5 p* Bnat (inside) 1 0.0.0.0 0.0.0.0 0 0
$ q; F$ `3 ]% droute outside 0.0.0.0 0.0.0.0 112.64.141.121 1
timeout xlate 3:00:00
$ L+ h$ F3 |" g7 V0 d/ `timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
: E" R4 A) |7 F7 p4 A+ F3 ]6 v" ?timeout uauth 0:05:00 absolute
2 L; t( p# |9 m- W' ^3 A5 Jaaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
- u" B" B5 p3 m- r4 Fno snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
" I8 j' K9 E  efloodguard enable
telnet timeout 5
ssh timeout 5
console timeout 0
1 B) Y+ L7 T0 T0 k" t) a7 H/ U: cterminal width 80
- _5 j$ F% s! Q; i- u" D$ y9 ]Cryptochecksum:fc9dccbcea300e72b9fc0d1cf3c73f00
, U+ A# W8 ^" f% m- B: M: end

没看完~~~~~~ 先顶，好同志

谢谢楼主，共同发展