Setup of PIX 501 with DSL router

Discussion in 'Cisco' started by Mike McWhinney, Oct 5, 2004.

  1. Hello,

    I have been asked by a colleague of mine to set up a Cisco PIX 501 VPN
    appliance on their network. They have DSL broadband internet at two
    locations. I followed the installation as outlined in the quick start
    guide. However I must be missing some steps in the configuration. I
    cannot get *any* internet access (i.e. surfing the net, google.com,
    etc) when I have it connected as described in the manual.

    The DSL router is a Netopia Cayman router which is set up as
    192.168.1.254 WAN IP. From my understanding, the connection from the
    Cayman DSL router needs to connect to Eth0 interface on the PIX 501.
    I am then using Eth1 (port marked #1 on the PIX) to cascade to a
    10/100 ethernet switch (there are not enough ports on the 501 to
    connect each computer directly). This should not be a problem right?
    I am using the Orange cable (crossover) to connect the DSL router to
    the PIX 501. Then using a Yellow cable to connect from the PIX 501 to
    the 10/100 switch.

    I am not sure what needs to be set up in the PIX device manager (PDM).
    When I
    do a https://192.168.1.1 I get the configuration web server. What
    information do I need to fill in so that I can get the VPN device to
    work with the most basic configuration? I looked on Cisco's web site
    but they do not seem to have a basic guide for this VPN appliance.

    Thanks in advance.

    Mike McWhinney
     
    Mike McWhinney, Oct 5, 2004
    #1
    1. Advertising

  2. In article <>,
    Mike McWhinney <> wrote:
    :I have been asked by a colleague of mine to set up a Cisco PIX 501 VPN
    :appliance on their network.

    :The DSL router is a Netopia Cayman router which is set up as
    :192.168.1.254 WAN IP. From my understanding, the connection from the
    :Cayman DSL router needs to connect to Eth0 interface on the PIX 501.

    : When I
    :do a https://192.168.1.1 I get the configuration web server.

    When set to factory defaults, the PIX 501, 506, or 506e are configured
    with the *inside* interface set to 192.168.1.1 with a netmask of
    255.255.255.0, and the web configurator (PDM) is by default only
    configured to allow access from the inside.

    You have configured your DSL router on your *outside* interface
    to be part of the IP range that the PIX defaults to for its *inside*
    interface. That would require that you configure the PIX outside
    interface to be part of the 192.168.1/24 address range, but you cannot
    configure two interfaces to be part of the same IP range on the PIX.

    Either you have a clash of IP addresses, or else you did a bunch
    of configuration work already that you failed to mention and are
    configuring the PIX from the -outside-. My money would be on the
    clash of IP address ranges.


    If you want basic documentation on setting up your PIX, please see
    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63qsg/index.htm

    --
    vi -- think of it as practice for the ROGUE Olympics!
     
    Walter Roberson, Oct 6, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andre
    Replies:
    7
    Views:
    742
    Andre
    Feb 20, 2005
  2. cdoc

    pix 501 with dsl

    cdoc, Jun 6, 2006, in forum: Cisco
    Replies:
    8
    Views:
    3,838
    Jonathan Roberts
    Jun 7, 2006
  3. Lunaray

    Using a DSL router without DSL service?

    Lunaray, Oct 17, 2004, in forum: Computer Information
    Replies:
    3
    Views:
    546
    Lunaray
    Oct 18, 2004
  4. Terry Cole
    Replies:
    0
    Views:
    415
    Terry Cole
    Jan 18, 2007
  5. coltwagdl88

    Add router between DSL and PIX 501

    coltwagdl88, Jan 14, 2009, in forum: Cisco
    Replies:
    1
    Views:
    565
    JmanSC
    Jan 17, 2009
Loading...

Share This Page