Problem with wireless connection

Discussion in 'Computer Support' started by dilan.weerasinghe@gmail.com, Sep 4, 2006.

  1. Guest

    Hello

    I was hoping someone could help me here.


    My home lab is set up as this;


    Speedtouch 536 ADSL router - Cisco PIX 506 Firewall - Linksys WAP 54G -

    Laptop


    The router just handles connection to the ISP. The PIX is responsible
    for NAT'ing and DHCP. The inside interface of the PIX is connected to
    the ethernet port of the Linksys by RJ-45.


    I'm using a pre-shared key to be able to authenticate the laptop to the

    Linksys WAP.


    However, I'm having some connectivity problems. Every 10mins or so, I
    will lose connection to the internet. I can still ping the firewall's
    internal address but cannot telnet into it or connect to it via HTTPS.
    Disabling and re-enabling the Wireless connection on my laptop seems to

    fix it until about 10mins later when exactly the same thing happens.
    When this problem occurs, I have directly connected my laptop to the
    PIX's inside interface and it works perfectly, so the problem does not
    seem to be with the PIX alone.


    Additionally, removing the PIX from the network and having the router
    handle NAT and DHCP results in no problems either. So, it's not
    completely the Linksys's fault either.


    So, somehow there is a problem between the Linksys and the PIX
    firewall.


    Does anyone have any ideas?


    Thanks in advance.


    Reply »
     
    , Sep 4, 2006
    #1
    1. Advertising

  2. why? Guest

    On 4 Sep 2006 04:22:24 -0700, wrote:

    <lots of extra blank lines removed. easier to read>

    >Hello
    >
    >I was hoping someone could help me here.
    >My home lab is set up as this;
    >Speedtouch 536 ADSL router - Cisco PIX 506 Firewall - Linksys WAP 54G -
    >Laptop


    PIX - sh ver?

    >The router just handles connection to the ISP. The PIX is responsible
    >for NAT'ing and DHCP. The inside interface of the PIX is connected to
    >the ethernet port of the Linksys by RJ-45.
    >
    >I'm using a pre-shared key to be able to authenticate the laptop to the
    >Linksys WAP.
    >
    >However, I'm having some connectivity problems. Every 10mins or so, I
    >will lose connection to the internet. I can still ping the firewall's
    >internal address but cannot telnet into it or connect to it via HTTPS.


    A few quick checks, PIX connections and DHCP info.

    PIX console cable, allows access via dumb terminal. Look at

    sh xlate

    sh con details

    The 2 of those show connections through the PIX IP address / ports, so
    if you do an ipconfig/renew then you will see the connections to the
    router open, and will close as per the timeouts.

    For example do an nslookup and see if it's going to the right places.

    sh ip address outside dhcp

    This should show the PIX picking up the correct lease from the router.


    sh ip address inside dhcp server
    This shows the PIX picking up ISP settings for DNS

    sh ip address

    Show IP for inside and outside.


    Make the PIX a static address in the router range.

    >Disabling and re-enabling the Wireless connection on my laptop seems to


    That's only the lease of the laptop.

    The output of ipconfig/all is? It also looks okay? After the problem
    it's?

    >fix it until about 10mins later when exactly the same thing happens.
    >When this problem occurs, I have directly connected my laptop to the
    >PIX's inside interface and it works perfectly, so the problem does not
    >seem to be with the PIX alone.


    Ah ok, was going to suggest adding a PC wired to the PIX. If you do this
    anyway it will give you telnet access.

    >
    >Additionally, removing the PIX from the network and having the router
    >handle NAT and DHCP results in no problems either. So, it's not
    >completely the Linksys's fault either.


    If the PIX is removed then there is no problem, so none of the other kit
    is an issue at all :)

    >
    >So, somehow there is a problem between the Linksys and the PIX
    >firewall.
    >
    >
    >Does anyone have any ideas?
    >
    >
    >Thanks in advance.
    >
    >
    >Reply »
     
    why?, Sep 4, 2006
    #2
    1. Advertising

  3. Guest

    why? wrote:
    > On 4 Sep 2006 04:22:24 -0700, wrote:
    >
    > <lots of extra blank lines removed. easier to read>
    >
    > >Hello


    Thanks for picking this up.

    > >
    > >I was hoping someone could help me here.
    > >My home lab is set up as this;
    > >Speedtouch 536 ADSL router - Cisco PIX 506 Firewall - Linksys WAP 54G -
    > >Laptop

    >
    > PIX - sh ver?


    I've updated the network somewhat since the original question. It's now

    Speedtouch ADSL router - Cisco PIX - Cisco 2924 switch - Linksys WAP

    To clarify, the PIX handles DHCP and NAT.

    There are two VLAN's set up...one on 192.168.10.0 and one on
    192.168.2.0 both /24. The PIX outside interface is x.x.x.193, it has
    two logical inside interfaces 192.168.10.1 and 192.168.2.1 (VLAN's 1
    and 2 respectively).

    Cisco PIX Firewall Version 6.3(4)
    Cisco PIX Device Manager Version 3.0(1)
    Compiled on Fri 02-Jul-04 00:07 by morlee
    pixfirewall up 3 hours 32 mins
    Hardware: PIX-506, 32 MB RAM, CPU Pentium 200 MHz
    Flash i28F640J5 @ 0x300, 8MB
    BIOS Flash AT29C257 @ 0xfffd8000, 32KB
    0: ethernet0: address is 0007.50b2.8e30, irq 11
    1: ethernet1: address is 0007.50b2.8e31, irq 10
    Licensed Features:
    Failover: Disabled
    VPN-DES: Enabled
    VPN-3DES-AES: Disabled
    Maximum Physical Interfaces: 2
    Maximum Interfaces: 2
    Cut-through Proxy: Enabled
    Guards: Enabled
    URL-filtering: Enabled
    Inside Hosts: Unlimited
    Throughput: Limited
    IKE peers: Unlimited
    This PIX has a Restricted (R) license.
    Serial Number: <snip>
    Running Activation Key: <snip>
    Configuration has not been modified since last system restart.


    >
    > >The router just handles connection to the ISP. The PIX is responsible
    > >for NAT'ing and DHCP. The inside interface of the PIX is connected to
    > >the ethernet port of the Linksys by RJ-45.
    > >
    > >I'm using a pre-shared key to be able to authenticate the laptop to the
    > >Linksys WAP.
    > >
    > >However, I'm having some connectivity problems. Every 10mins or so, I
    > >will lose connection to the internet. I can still ping the firewall's
    > >internal address but cannot telnet into it or connect to it via HTTPS.

    >
    > A few quick checks, PIX connections and DHCP info.
    >
    > PIX console cable, allows access via dumb terminal. Look at
    >
    > sh xlate


    sh xlate was carried when two machines were connected - one via wire
    (192.168.2.5) and one by wireless (192.168.10.6).

    PAT Global x.x.x.193(2305) Local 192.168.2.5(1377)
    PAT Global x.x.x.193(2309) Local 192.168.2.5(1381)
    PAT Global x.x.x.193(2316) Local 192.168.2.5(1388)
    PAT Global x.x.x.193(2317) Local 192.168.10.6(1838)
    PAT Global x.x.x.193(1215) Local 192.168.10.6(1025

    >
    > sh con details


    this command doesn't work, the PIX response is 'ambigious command'?
    >
    > The 2 of those show connections through the PIX IP address / ports, so
    > if you do an ipconfig/renew then you will see the connections to the
    > router open, and will close as per the timeouts.
    >
    > For example do an nslookup and see if it's going to the right places.
    >
    > sh ip address outside dhcp
    >
    > This should show the PIX picking up the correct lease from the router.
    >
    >
    > sh ip address inside dhcp server
    > This shows the PIX picking up ISP settings for DNS
    >
    > sh ip address
    >
    > Show IP for inside and outside.
    >
    >
    > Make the PIX a static address in the router range.


    The PIX has a static address configured for both the inside and outside
    interface already, so there would no output when running these
    commands.

    > >Disabling and re-enabling the Wireless connection on my laptop seems to

    >
    > That's only the lease of the laptop.
    >
    > The output of ipconfig/all is? It also looks okay? After the problem
    > it's?


    Before the problem occurs, the output of ipconfig/all is

    Ethernet adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2200
    Connection
    Physical Address. . . . . . . . . : 00-12-F0-6D-1C-DD
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 192.168.10.6
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.10.1
    DHCP Server . . . . . . . . . . . : 192.168.10.1
    DNS Servers . . . . . . . . . . . : 212.23.3.100
    Lease Obtained. . . . . . . . . . : 05 September 2006 21:50:40
    Lease Expires . . . . . . . . . . : 05 September 2006 22:50:40

    The problem hasn't occured since, so there is no IP config all I can do
    to follow up, but can you see anything strange at all anywhere?

    Thanks.

    >
    > >fix it until about 10mins later when exactly the same thing happens.
    > >When this problem occurs, I have directly connected my laptop to the
    > >PIX's inside interface and it works perfectly, so the problem does not
    > >seem to be with the PIX alone.

    >
    > Ah ok, was going to suggest adding a PC wired to the PIX. If you do this
    > anyway it will give you telnet access.
    >
    > >
    > >Additionally, removing the PIX from the network and having the router
    > >handle NAT and DHCP results in no problems either. So, it's not
    > >completely the Linksys's fault either.

    >
    > If the PIX is removed then there is no problem, so none of the other kit
    > is an issue at all :)
    >
    > >
    > >So, somehow there is a problem between the Linksys and the PIX
    > >firewall.
    > >
    > >
    > >Does anyone have any ideas?
    > >
    > >
    > >Thanks in advance.
    > >
    > >
    > >Reply »
     
    , Sep 5, 2006
    #3
  4. why? Guest

    On 5 Sep 2006 14:32:22 -0700, wrote:

    >
    >why? wrote:
    >> On 4 Sep 2006 04:22:24 -0700, wrote:
    >>
    >> <lots of extra blank lines removed. easier to read>
    >>
    >> >Hello

    >
    >Thanks for picking this up.
    >

    <big snip>

    >>
    >> sh con details


    sh conn detail

    2 typos :)




    <big snip>

    Me
     
    why?, Sep 6, 2006
    #4
  5. why? Guest

    On 5 Sep 2006 14:32:22 -0700, wrote:

    >
    >why? wrote:
    >> On 4 Sep 2006 04:22:24 -0700, wrote:
    >>
    >> <lots of extra blank lines removed. easier to read>
    >>
    >> >Hello

    >
    >Thanks for picking this up.
    >
    >> >
    >> >I was hoping someone could help me here.
    >> >My home lab is set up as this;
    >> >Speedtouch 536 ADSL router - Cisco PIX 506 Firewall - Linksys WAP 54G -
    >> >Laptop

    >>
    >> PIX - sh ver?

    >
    >I've updated the network somewhat since the original question. It's now
    >
    >Speedtouch ADSL router - Cisco PIX - Cisco 2924 switch - Linksys WAP
    >
    >To clarify, the PIX handles DHCP and NAT.


    Fine, usually do that.

    >There are two VLAN's set up...one on 192.168.10.0 and one on
    >192.168.2.0 both /24. The PIX outside interface is x.x.x.193, it has
    >two logical inside interfaces 192.168.10.1 and 192.168.2.1 (VLAN's 1
    >and 2 respectively).
    >
    >Cisco PIX Firewall Version 6.3(4)
    >Cisco PIX Device Manager Version 3.0(1)
    >Compiled on Fri 02-Jul-04 00:07 by morlee
    >pixfirewall up 3 hours 32 mins
    >Hardware: PIX-506, 32 MB RAM, CPU Pentium 200 MHz


    I only got my hands on my first 506E a few days ago and haven't got the
    config setup for logical interfaces. Not something I am going to do
    today <grin>, it's still in the box and at work. The 501 here doesn't do
    logical interfaces :-(

    You may prefer to hop on over to
    comp.dcom.sys.cisco

    <snip>

    >> >The router just handles connection to the ISP. The PIX is responsible
    >> >for NAT'ing and DHCP. The inside interface of the PIX is connected to
    >> >the ethernet port of the Linksys by RJ-45.
    >> >
    >> >I'm using a pre-shared key to be able to authenticate the laptop to the
    >> >Linksys WAP.
    >> >
    >> >However, I'm having some connectivity problems. Every 10mins or so, I
    >> >will lose connection to the internet. I can still ping the firewall's
    >> >internal address but cannot telnet into it or connect to it via HTTPS.

    >>
    >> A few quick checks, PIX connections and DHCP info.
    >>
    >> PIX console cable, allows access via dumb terminal. Look at
    >>
    >> sh xlate

    >
    >sh xlate was carried when two machines were connected - one via wire
    >(192.168.2.5) and one by wireless (192.168.10.6).
    >
    >PAT Global x.x.x.193(2305) Local 192.168.2.5(1377)
    >PAT Global x.x.x.193(2309) Local 192.168.2.5(1381)
    >PAT Global x.x.x.193(2316) Local 192.168.2.5(1388)
    >PAT Global x.x.x.193(2317) Local 192.168.10.6(1838)
    >PAT Global x.x.x.193(1215) Local 192.168.10.6(1025

    <snip>

    >> sh ip address inside dhcp server
    >> This shows the PIX picking up ISP settings for DNS
    >>
    >> sh ip address
    >>
    >> Show IP for inside and outside.
    >>
    >>
    >> Make the PIX a static address in the router range.

    >
    >The PIX has a static address configured for both the inside and outside
    >interface already, so there would no output when running these
    >commands.


    1 of the commands would, as an example

    outside dhcp, inside static via config using

    ip address outside dhcp setroute
    ip address inside 192.168.99.1 255.255.255.0


    pixfirewall#
    pixfirewall# sh ip address
    System IP Addresses:
    ip address outside 192.168.0.11 255.255.255.0
    ip address inside 192.168.99.1 255.255.255.0
    Current IP Addresses:
    ip address outside 192.168.0.11 255.255.255.0
    ip address inside 192.168.99.1 255.255.255.0
    pixfirewall#


    See if the PIX, (considering asking you to post oput of sh run) , is
    rejecting anything when the lease expires, get some logging turned on.

    pixfirewall# conf t
    pixfirewall# logging on
    pixfirewall(config)# logging timestamp
    pixfirewall(config)# logging buffered 7

    as required

    pixfirewall(config)# sh log

    or

    pixfirewall# sh log

    On my laptop ipconfig/release

    604104: DHCP daemon interface inside: address released
    0100.b0d0.8946.82 (192.168.99.2)


    then a /renew

    302010: 0 in use, 1 most used
    604103: DHCP daemon interface inside: address granted 0100.b0d0.8946.82
    (192.168.99.2)
    106023: Deny udp src inside:192.168.99.2/137 dst outside:x.x.x.x/137 by
    access-group "acl-in"

    I also setup an internal syslog server to record the messages, 3
    options

    www.kiwisyslog.com
    The Cisco PFSS , pix firewall syslog server, Google for it.
    Loglady, www.kaska.demon.co.uk


    >> >Disabling and re-enabling the Wireless connection on my laptop seems to

    >>
    >> That's only the lease of the laptop.
    >>

    <snip>

    > DNS Servers . . . . . . . . . . . : 212.23.3.100
    > Lease Obtained. . . . . . . . . . : 05 September 2006 21:50:40
    > Lease Expires . . . . . . . . . . : 05 September 2006 22:50:40


    Would, for myself change the default lease from 1 hour, 1st renew check
    would be 30 minutes, (should be) , if a check for the DHCP server is
    earlier and it fails then it's really the other ipconfig/all required.

    You could also at that time quickly do another sh xlate and see what
    ports are active on the PIX.


    >The problem hasn't occured since, so there is no IP config all I can do
    >to follow up, but can you see anything strange at all anywhere?


    Always the same :)

    >Thanks.
    >

    <snip>

    Me
     
    why?, Sep 6, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?am9raW5kYTE=?=

    No "Wireless Network Connection" available in network connection

    =?Utf-8?B?am9raW5kYTE=?=, Nov 27, 2004, in forum: Wireless Networking
    Replies:
    7
    Views:
    19,197
    preeuzee
    Oct 16, 2012
  2. =?Utf-8?B?bW90b21hbm1hdHQ=?=

    Not seeing Wireless Connection in Network Connection

    =?Utf-8?B?bW90b21hbm1hdHQ=?=, Mar 4, 2005, in forum: Wireless Networking
    Replies:
    4
    Views:
    5,700
    Quaoar
    Mar 5, 2005
  3. Steve

    Wireless Connection drops / PS2 connection

    Steve, Jul 27, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    811
    Clark
    Jul 27, 2005
  4. Rich
    Replies:
    0
    Views:
    1,110
  5. Mark
    Replies:
    0
    Views:
    2,139
Loading...

Share This Page