Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
3
Replies

PIX 501 DHCP problem

loufed
Level 1
Level 1

‎02-05-2007 02:35 PM - edited ‎03-11-2019 02:29 AM

This morning I was troubleshooting a VPN issue that I have been having with my SOHO connecting to a remote site.

My SOHO is connected as follows:

ISP (Verizon DSL) <--> WESTELL Modem <--> PIX 501 <--> LAN <--> PC

In order to determine if my PIX 501 firewall might be the cause of the problem, I bypassed the PIX firewall and connected the LAN from DSL modem directly to my PC (WINDOWS XP).

ISP (Verizon DSL) <--> WESTELL Modem <--> PC

This test was successful as it helped me determine that the PIX firewall was preventing my VPN connection from working correctly. That's the good news.

The bad news is that when I attempted to plug the etherent connection from the DSL modem to the PIX firewall I received the following error:

DHCP command failed

Warning: Start and End addresses overlap with broadcast address.

outside interface address added to PAT pool

I tried rebooting the PIX firwall several times with no success. When I perform a show IP route I get the following:

pixfirewall# sh ip route

System IP Addresses:

ip address outside 127.0.0.1 255.255.255.255

ip address inside 192.168.1.1 255.255.255.0

Current IP Addresses:

ip address outside 0.0.0.0 0.0.0.0

ip address inside 192.168.1.1 255.255.255.0

I am attaching a copy of my PIX firewall for your perusal.

I am not sure what to do about this error. I assume it is not a DSL issue since it works everytime I plug it into my PC. Anything that you can do to help would be greatly appreciated.

Thank you

Labels:
Preview file
3 KB
0 Helpful
3 Replies 3

Fernando_Meza
Level 7
Level 7

‎02-05-2007 03:40 PM

Hi .. what I think it could be happening is an IP overlaping between the pool of IP addresses distributed by the ADSL modem and the one configured on the internal interface of the PIX. To test this check what is the IP address you get when connecting directly the PC. If the range is also 192.168.1.X then that is the problem.

dhcpd address 192.168.1.10-192.168.1.14 inside

Note in your scenario I would recommend to use your ADSL modem on bridge mode so that the PIX is the one sending the credentials to your ISP .. normally this is done by configuring the PIX as PPPoE client. Then you can use the PIX for the DHCP allocation which is already configured.

Please refer to the below link for instruction about configuring the PIX as PPPoE client

I hope it helps .. please rate if it does !!!

0 Helpful

loufed
Level 1
Level 1
In response to Fernando_Meza

‎02-05-2007 05:41 PM

Hi. Thanks for the timely response. The IP address I am getting is a public IP address. I would be very interested in looking in setting up the PPPoE client but unfortunately there was no link. Could you repost or email me directly?

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card