PIX 501 behind a Wireless Cable Router

Unanswered Question
Mar 20th, 2010
User Badges:

I received a new SMCD3GN Router from my Cable Company yestrday. I cannot get my PIX working now.

Cable Router IP is (DHCP is on)

Pix Outside Int (DHCP)

Pix inside DHCP in the network

Not sure what to do, any ideas?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jennifer Halim Sat, 03/20/2010 - 17:46
User Badges:
  • Cisco Employee,

Assuming your cable router is doing NAT for subnet, you can PAT everything on your PIX.

Assuming PIX inside interface is called inside, and outside interface is called outside:

nat (inside) 1 0 0

global (outside) 1 interface

This will allow outbound internet traffic from your LAN (

walshliam Mon, 03/22/2010 - 06:32
User Badges:

I have tried this, but still not working.

I am able to get Internet Access through the PIX, and I was able to connect the VPN client on my laptop but I cannot get the VPN tunnel from the pix up. Nothing has changed on by work side, this only started with the new cable modem. Are there any ports I need to allow on the new router??

walshliam Mon, 03/22/2010 - 11:48
User Badges:

Anybody ever run into this? Will I need specific NAT entries in the cable router??

DialerString_2 Mon, 03/22/2010 - 13:13
User Badges:
  • Bronze, 100 points or more

Are you sure  your public ip addy didn't change ? - if your not using dynamic vpn.

Jennifer Halim Mon, 03/22/2010 - 13:41
User Badges:
  • Cisco Employee,

Of course you would need NAT for connection inbound towards the PIX.

For VPN, you would need the following:

- UDP/500

- UDP/4500 (Assuming NAT-T is configured on your PIX)


This Discussion