PIX 506E ISP Change

Unanswered Question

I am running Pix version 6.2(2) and I am switching ISP's and need to know all of the changes needed to do this. We have one internal network server running and managing the internal IP's for the network. The PIX has an internal IP number assigned that I assume I will not have to change. What I will have to change is the static IP for the firewall from the new ISP.

Here is what I have tried to change so far which has not allowed the connection to happen

1. IP Address Outside ?changed to the new static IP number provided by the ISP and the new subnet mask.

2. Route Outside ? changed to the new gateway provided by the ISP

I need to know what other items need to be changed in order for this connection to work.

I also do not see where to put in the DNS numbers (if needed) and the manual I have only has one reference, in the mail server information which I do not have a mail server internally.

This is what I would consider the most basic network setup out there; one internal server managing its own IP numbers and a firewall to get to the internet for e-mail and the WWW. This has led to much disappointment at me by me that I cannot figure this out.

Thanks for any help in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 02/26/2007 - 05:57


Can you ping the new gateway provided by the ISP.

As far as your NAT is concerned are you Natting all traffic to the public IP address of your pix firewall ie.

nat (inside) 1

global (outside) 1 interface

or something along those lines.



Jon Marshall Mon, 02/26/2007 - 07:19


Is it a different router than the one you used to have ?

Are you connecting the router directly to the firewall without the use of a switch. If so you need to:

1) Make sure you are using a cross over cable.

2) Check duplex and speed settings. Could you get the provider to check what settings they have put on their router

3) Just to be safe can you ensure that the provider has actually not shutdown the interface you are connecting to.



The router is different - provided by the new ISP. I am also connecting through a switch.

The only thing I am trying to do is take the cable from the old ISP's router to the new ISP's router. I can also see that there appears to be a connection out because the green connected light is on to the line. When I plug the cable in to the router a green light comes on then shortly changes to a red light for the ethernet line 1 but the connection out light is still green.

Thanks again

Jon Marshall Mon, 02/26/2007 - 11:02


Okay as long as you are using a straight thru rj45 cable it definitely sounds like a speed/duplex mismatch.

Just to be clear - it is the router interface that changes to red ?

If you haven't got access to provider router then you can keep changing the speed and duplex of the switch port to see if that makes any difference.



Jon Marshall Mon, 02/26/2007 - 23:48


You should be using a cross over cable to connect to router to a pix firewall.




This Discussion