Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
688
Views
0
Helpful
4
Replies

Connecting PIX 501 to LAN

revahi
Level 1
Level 1

‎12-26-2002 04:49 AM - edited ‎02-20-2020 10:27 PM

I understand that as in any firewall the PIX 501 sits in between the DSL interface and the LAN. It is not possible to connect to a USB type ADSL modem as there is only an ethernet point on this unit. I have an ADSL router which includes its own modem and 4 port hub.

The only way I can see to physically connect with this scenario is by connecting the ADSL router from its own LAN port directly to one of the LAN ports 1 through 4 on the PIX. Connecting it to port 0 doesn't work. I assume that no protection is afforded when the router connects to the PIX via one of the port 1 to 4 as it simply acts as a hub on those ports.

My question is how is this unit designed to work? Is it only made for a cable modem which has an Ethernet connection or is there someway of getting this unit to connect to the ADSL router on port 0?

0 Helpful
4 Replies 4

mike-greene
Level 4
Level 4

‎12-26-2002 09:06 AM

Hi, I do this all the time and it works fine. You might want to check your cable if your not getting a link light on Eth0. If your not, might try a cross over cable if your using a straight cable. Also make sure the subnet that the ADSL router's 4 port hub is on the same subnet that the PIX Eth0 is on.

Hope that helps....

0 Helpful

revahi
Level 1
Level 1
In response to mike-greene

‎12-27-2002 06:39 AM

Thanks fro your reply but

yes the link light on Eth0 IS on. The subnet is the same (PIX 192.168.1.1, ADSL router 192.168.1.254) but can only get a reply from the ping when the router is on Eth1~4. I assumed it was a rule or setting made in the PDM gui interface which blocked access to Eth0. So in a telnet window with enabled privlieges I just typed write erase and then reload. Since then the PIX 501 is nothing more than a very expensive (but working) 4 port hub. No ping reponse from 192.168.1.1 at all. Is there some other way to connect I've so far been unsuccessful connecting via the console/serial port. Need to know if there's some other default IP on it that I can connect to.

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni

‎12-28-2002 12:46 PM

Make sure you are using different subnets on the outside (port 0) and inside (ports 1 through 4) on the PIX. You can not use 192.168.0.x on both sides at the same time.

By default, the PIX will try and DHCP an address on port 0. Make sure your ADSL router has DHCP enabled, or stactically configure the PIX.

0 Helpful

revahi
Level 1
Level 1
In response to Philip D'Ath

‎12-28-2002 05:37 PM

I don't fully understand. Assuming the PIX will get an IP on port 0 via DHCP broadcast does that mean I set the router as a DHCP server?

The router itself is configured to get its own IP on the WAN port via DHCP from the ISP but its LAN port is statically configured.

Should I set the router as DHCP server or leave as static address and statically configure the PIX on the Outside interface to that subnet. Or will both options work?

Thank you for your reply so far.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card