Pix 501 with cable modem and heart beat service

Unanswered Question
Aug 7th, 2003
User Badges:

Hi,

What would be thebest way to configure a pix 501 to work with a cable modem the ISP provides a heartbeat and authentication service that periodically checks in from PC this is similar to the roadrunner service that run on some cable NW in the states from what i gather the app authenticates to ISP on port 50xxx


If i set the outside interface to Dhcp as no static ip's available and inside to 10.1.1.1 net will I be able to do a static

nat from internal host 10.1.1.25 to outside int or would pat be a better option suggestion appreciated.




thankyou


Allan



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

I doubt the pix will work in such a configuration - it supports PPPoE, and that is it. There is no support for any proprietary authentication method. If the auth software can be run on an internal pc however, there may be hope - you need to do PAT as you will likely only have one IP address, but you could statically forward the port to an internal machine :


static (inside, outside) tcp interface 5000 10.10.10.10 5000 netmask 255.255.255.255


would statically forward tcp port 5000 from the dynamic global ip on the outside of the pix to tcp port 5000 on the inside host 10.10.10.10

ncorder Thu, 08/14/2003 - 11:02
User Badges:

In addition to that statement you need an access list that will allow the traffic in.


access-list acl_out permit tcp any any eq 5000

access-group acl_out in interface outside



Actions

This Discussion