cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
789
Views
0
Helpful
6
Replies

PIX 501 behind a Wireless Cable Router

walshliam
Level 1
Level 1

I received a new SMCD3GN Router from my Cable Company yestrday. I cannot get my PIX working now.

Cable Router IP is 192.168.5.2 (DHCP is on)

Pix Outside Int 192.168.5.10 (DHCP)

Pix inside DHCP in the 192.168.6.0 network

Not sure what to do, any ideas?

Thanks

6 Replies 6

Jennifer Halim
Cisco Employee
Cisco Employee

Assuming your cable router is doing NAT for 192.168.5.0/24 subnet, you can PAT everything on your PIX.

Assuming PIX inside interface is called inside, and outside interface is called outside:

nat (inside) 1 0 0

global (outside) 1 interface

This will allow outbound internet traffic from your LAN (192.168.6.0/24)

I have tried this, but still not working.

I am able to get Internet Access through the PIX, and I was able to connect the VPN client on my laptop but I cannot get the VPN tunnel from the pix up. Nothing has changed on by work side, this only started with the new cable modem. Are there any ports I need to allow on the new router??

walshliam
Level 1
Level 1

Anybody ever run into this? Will I need specific NAT entries in the cable router??

Are you sure  your public ip addy didn't change ? - if your not using dynamic vpn.

Of course you would need NAT for connection inbound towards the PIX.

For VPN, you would need the following:

- UDP/500

- UDP/4500 (Assuming NAT-T is configured on your PIX)

bobby.armstrong
Level 1
Level 1

May we see your sanitized config?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: