Problem with PIX/WAP connectivity

Discussion in 'Cisco' started by dilan.weerasinghe@gmail.com, Sep 10, 2006.

  1. Guest

    Hi

    I have a lab set up as follows;

    Speedtouch 836 ADSL router - PIX 506 - Cisco 2924 switch - Linkysys
    wireless G WAP

    Public IP block: x.x.x.192/28
    Router: x.x.x.198
    PIX Outside: x.x.x.193
    PIX Inside VLAN1: 192.168.10.1/24
    PIX Inside VLAN2: 192.168.2.1/24

    If I remove the PIX from the network and configure the Speedtouch to
    carry out NAT and DHCP then the WAP works fine.
    If I am connected to the 2924 switch via wire (and the WAP is taken out
    of the equation) then there is no issue either.
    However, when the PIX and WAP are both being used, my laptop's wireless
    connection loses internet capability periodically (say around every
    10-20mins). I can still ping the inside interface of the PIX, however
    cannot telnet to it or ping any other sites or the router's address.
    Nor can I even browse to the PDM (provided I am on the correct VLAN),
    even though I can ping the inside interface. If I was connected to the
    PIX via a telnet connection, then I am disconnected.
    After about 5-6 mins, the connection is restored and it everything
    works ok again.


    Sh conf from PIX:

    PIX Version 6.3(4)
    interface ethernet0 10baset
    interface ethernet1 10baset
    interface ethernet1 vlan2 logical
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    nameif vlan2 guest security50
    enable password **** encrypted
    passwd **** encrypted
    hostname pixfirewall
    domain-name ciscopix.com
    clock timezone GMT/BST 0
    clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol pptp 1723
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    access-list outside_access_in remark Allow ICMP traffic
    access-list outside_access_in permit icmp any any
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside x.x.x.193 255.255.255.248
    ip address inside 192.168.10.1 255.255.255.0
    ip address guest 192.168.2.1 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location 192.168.10.5 255.255.255.255 inside
    pdm location 192.168.10.6 255.255.255.255 inside
    pdm logging informational 100
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    nat (guest) 1 0.0.0.0 0.0.0.0 0 0
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 x.x.x.198 1
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    http server enable
    http 192.168.10.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    telnet 192.168.10.0 255.255.255.0 inside
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd address 192.168.10.5-192.168.10.20 inside
    dhcpd address 192.168.2.5-192.168.2.10 guest
    dhcpd dns y.y.y.100 y.y.y.200
    dhcpd lease 3600
    dhcpd ping_timeout 750
    dhcpd auto_config outside
    dhcpd enable inside
    dhcpd enable guest
    username **** password **** encrypted privilege 15
    terminal width 80
    Cryptochecksum:***
    : end
    [OK]

    Does anyone have any ideas?

    Many tia
    , Sep 10, 2006
    #1
    1. Advertising

  2. Merv Guest

    Have you tried upgrading to 6.3(5) ?
    Merv, Sep 10, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Walter Roberson

    Re: Cisco PIX 515 Connectivity problem

    Walter Roberson, Oct 14, 2003, in forum: Cisco
    Replies:
    3
    Views:
    639
    Walter Roberson
    Oct 20, 2003
  2. Jac
    Replies:
    1
    Views:
    2,856
  3. Ed Rust

    Linksys WAP/Router connectivity

    Ed Rust, Nov 29, 2003, in forum: Computer Support
    Replies:
    8
    Views:
    3,132
    landivision
    Dec 1, 2003
  4. Atif
    Replies:
    1
    Views:
    2,014
  5. tg
    Replies:
    2
    Views:
    1,097
Loading...

Share This Page