PIX 501 behind a Wireless Cable Router

Unanswered Question
Mar 20th, 2010

I received a new SMCD3GN Router from my Cable Company yestrday. I cannot get my PIX working now.

Cable Router IP is (DHCP is on)

Pix Outside Int (DHCP)

Pix inside DHCP in the network

Not sure what to do, any ideas?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jennifer Halim Sat, 03/20/2010 - 17:46

Assuming your cable router is doing NAT for subnet, you can PAT everything on your PIX.

Assuming PIX inside interface is called inside, and outside interface is called outside:

nat (inside) 1 0 0

global (outside) 1 interface

This will allow outbound internet traffic from your LAN (

walshliam Mon, 03/22/2010 - 06:32

I have tried this, but still not working.

I am able to get Internet Access through the PIX, and I was able to connect the VPN client on my laptop but I cannot get the VPN tunnel from the pix up. Nothing has changed on by work side, this only started with the new cable modem. Are there any ports I need to allow on the new router??

walshliam Mon, 03/22/2010 - 11:48

Anybody ever run into this? Will I need specific NAT entries in the cable router??

DialerString_2 Mon, 03/22/2010 - 13:13

Are you sure  your public ip addy didn't change ? - if your not using dynamic vpn.

Jennifer Halim Mon, 03/22/2010 - 13:41

Of course you would need NAT for connection inbound towards the PIX.

For VPN, you would need the following:

- UDP/500

- UDP/4500 (Assuming NAT-T is configured on your PIX)


This Discussion