02-24-2002 10:07 AM - edited 03-08-2019 09:54 PM
Recently our ISP switched our plan from a statically assigned IP to DHCP (that renews the same address). I'm not a CCNA, but the PIX 506 we have was relatively easy to setup. Now that the outside address has to be grabbed from DHCP I'm having problems.
First of all, try the following command
>ip address outside dhcp
And I get:
..................
DHCP command failed
Do I have to clear everything and start over? If so, when setting it back up should the above command work? What are the steps?
I've contacted the ISP and they said that they could see the DSL modem. I also asked them why the PIX was having problems and they said 'Contact your vendor'.
If anyone would like to help me please reply here or email me at luke_pickard@hotmail.com
02-25-2002 04:43 PM
Ok, more info on the situation.
Turns out that the ISP didn't do something right at their wire center and have basically been telling me to figure it out myself for the past week.
Now the problem is that what do I enter for the NAT, GLOBAL, and ROUTE commands? I just nuked them two seconds ago (finally got my outside ip about 15 minutes ago) so I'm in the process of rebuilding the PIX.
Here's the blank slate I'm working with:
PIX Version 5.2(5)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password xxxxxx encrypted
passwd xxxxxx encrypted
hostname Morinville
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
names
pager lines 24
logging on
no logging timestamp
no logging standby
no logging console
no logging monitor
no logging buffered
no logging trap
no logging history
logging facility 20
logging queue 512
interface ethernet0 10baset
interface ethernet1 10baset
mtu outside 1500
mtu inside 1500
ip address outside dhcp
ip address inside 192.168.10.202 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
isakmp identity hostname
telnet 192.168.10.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
terminal width 80
Cryptochecksum:xxxxxx
: end
[OK]
Basically, everything is gone except the ip addresses and telnet.
Any help would be appreciated. I know this is a simple problem but I know virtually nothing about Cisco equipment and last time I did anything with Cisco was when I set this PIX up over half a year ago.
The Default route has been set for the computers on the inside network and now I just need to know what to change on the pix to get it working. If anyone needs the outside ip, masks, or isp gateway I can post those as well.
Thanks
02-25-2002 05:23 PM
All figured out! Easier than I thought.
04-24-2002 05:41 AM
I'm a little too late to help I'm glad you figured it out. Remember when troubleshoooting to start simple and go to complex. Think of your job as proving that you are in the right and they are wrong. DSL sometimes goes down because of a variety of issues from line quality to CO equipment. To check DSL first connect it directly to your macine ask your ISP what the configuration is supposed to be before hand. One moore peice of advice never sound frustrated or get upset with a tech you'll be down a lot longer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide