Question

Cable internet and Cisco router

Asked by: lkingpinl

Ok,

So I have no clue how to do this and it's been thrown at me.  We had a router that used a T1 apparently and behind the router is a PIX515.  I did a show run on the router to see the current config.  Can I use the existing serial port controller for the new cable line or should I put it on FE0/1?  We got these IP's from Comcast:

173.13.19.81
255.255.255.248

GW:  173.13.19.86

How do I config the router for this new connection?  I know all I have to do on the PIX is change the old WAN IP's to the new ones.  But the router.....

Building configuration...
 
Current configuration : 1343 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname troy-inet-rtr
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
ip domain name hbpogroup.com
!
username admin privilege 15 secret 5 $1$n6GG$2g9X5xzQsQvYWSrlH1fes1
!
!
!
interface FastEthernet0/0
 description PIX Connect
 ip address 216.234.116.121 255.255.255.248
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1/0
 description Iserv Connect
 ip address 216.234.103.150 255.255.255.252
 encapsulation ppp
!
ip classless
ip route 0.0.0.0 0.0.0.0 216.234.103.149
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 216.234.116.120 0.0.0.7
!
control-plane
!
banner login ^C
HBPO North America
Authorized Users Only!
^C
!
line con 0
 login local
line aux 0
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet
!
end

                                  
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:

Select allOpen in new window

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-09-30 at 08:27:00ID24773945
Tags

router

,

internet

,

cable

,

T1

,

PIX

Topic

DSL Lines / Cable Internet

Participating Experts
1
Points
500
Comments
22

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Pix515
    Ok I think I have overloaded my 2621 by having my VPN's go though it , so I'm looking to get a PIX515 to offload some traffic and work on security. I know I could get the VPN module for this but I have been told getting a PIX box makes more sense as it gives me more firewall ...
  2. Connect PIX515 to the router
    Hi all, I have PIX515 that I tried to connect my router (Cisco 2600). Here's the IP assignment from my ISP: --- LAN Customer LAN Block: AAA.BBB.31.0/24 Customer Gateway: AAA.BBB.31.1 Useable Range: AAA.BBB.31.2 - AAA.BBB.31.254 Customer Subnet Mask: 255.25...
  3. Multiple Pix515s
    Right now we have a configuration like this: (192.168.1-4.0) VPN Branch Offices using Cox --> Sprint T1 --> Cisco 2600 (managed by Sprint) --> Pix515 (192.168.0.253) --> Main Office Switch --> W2k3 network We have attempted to add a second internet connectio...
  4. Comcast and Cisco Pix
    Hi, I need help. I have a Comcast account with 5 static ip address, (the cable modem is an Ambit Braodband). I also have a Cisco Pix 501. I am setting up some windows servers (Domain, DNS, DHCP, Mail, Web, FTP and etc) at my house only for personal uses. My problem is I d...
  5. Multiple IPs on PIX515E
    I have a bunch of IPs provided by my ISP, my modem (ADSL2+ is in a brigde mode ) modem is connected to Cisco 2950 switch and a Cisco PIX515E 8.03 connected to the switch.I can assign only one piblic IP address within 70.112.65.160/28 on outside interface on PIX, I can NAT a...
  6. Dynamic DNS with Cisco PIX515E
    I recently got a PIX515E and have a dynamic account with my ISP. Does the PIX support Dynamic DNS? if so, how is it configured?

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: jodylemoinePosted on 2009-09-30 at 09:17:57ID: 25460435

You're going to have to use the FastEthernet0/1 connection for a cable line.  T1 connections are serial (hence the use of the serial port) but a cable connection is going to give you an ethernet connection from the cable bridge.

 

by: jodylemoinePosted on 2009-09-30 at 09:22:07ID: 25460482

Reading more carefully, the best option is to just take the router out of the picture.  It was needed to provide connectivity between the PIX's ethernet and the T1's serial, but won't be with Comcast.

I would just assign the Comcast IP address and default gateway to the PIX's outside interface and plug that directly into the cable bridge, bypassing the router entirely.

 

by: lkingpinlPosted on 2009-09-30 at 09:22:43ID: 25460493

ok fair enough, so i will use FE0/1 for cable and FE0/0 to connect to the PIX, so how do i change my config to make it all work?

 

by: lkingpinlPosted on 2009-09-30 at 09:25:05ID: 25460517

i will try that!

 

by: jodylemoinePosted on 2009-09-30 at 09:27:23ID: 25460543

I think you posted before my second comment showed up.  The T1 gave you two networks, one for the T1 itself (216.234.103.148/30) and one for the Ethernet between the PIX and the router (216.234.116.120/29).  Comcast is giving you only one network to work with, so if you want to keep using the router, we'll have to configure it to bridge the FastEthernet ports.  This is really unnecessary and gives you nothing but an additional point of failure in your network.  I would just put the Comcast IP on the outside interface of the PIX, change the default router on the PIX to the one provided by Comcast and plug the cable bridge directly into the outside interface of the PIX.

 

by: jodylemoinePosted on 2009-09-30 at 09:28:18ID: 25460553

And there I go posting before seeing your comment.  Oh well.  We'll manage to figure it out in the end.  :)

 

by: lkingpinlPosted on 2009-10-03 at 07:28:43ID: 25485503

Ok, on the PIX I have the outside interface set to 173.13.19.86 because the block I got from Comcast is 173.13.19.86/29

Is there something I have to do on the modem itself?  Looks like it is serving DHCP under a different scope (10.1.10.1/25).  I'm assuming I need to disable DHCP for the LAN right?  Then just go from one of the LAN ports to the outside interface on the PIX?

 

by: jodylemoinePosted on 2009-10-03 at 07:34:01ID: 25485518

You shouldn't have to do anything on the cable device itself.  The last time I worked with one of those, it would serve a private IP address range via DHCP but would operate as a bridge if the internal device was using public IPs.  If you configure the PIX with the public IP and proper default router, you should be good.  If not, let me know the make and model number of the cable device you're using and I'll see if there's anything special that needs to be done.

 

by: lkingpinlPosted on 2009-10-03 at 07:41:59ID: 25485543

Ok see the attached document.  First pic is from the modem, the second two are from the PIX.  am I missing something?

 

by: jodylemoinePosted on 2009-10-03 at 07:46:52ID: 25485557

Nope.  That looks correct.  The Comcast box should bridge any requests from the LAN using the public IP addresses to the WAN...  or at least that's the way the last Comcast box I worked on did it.  If it's not working, let me know the make and model of the Comcast box and I'll see if there's anything special that needs to be done.

 

by: lkingpinlPosted on 2009-10-03 at 08:00:33ID: 25485610

Modem is an SMC Networks modem model is SMC8014

 

by: jodylemoinePosted on 2009-10-03 at 08:36:23ID: 25485719

Okay... that's not the same model I worked with last time.  I did some reading on what to do with the 8014 and ran across this helpful thread on dslreport.com.

http://www.dslreports.com/forum/r21202317-Business-how-to-bridge-a-smc-8014-business-class-modem

If you can make the Comcast device pass traffic directly, which is normally done with bridge mode but seems to be a little bit different on the 8014, then the PIX will start communicating directly.

 

by: lkingpinlPosted on 2009-10-03 at 08:40:12ID: 25485729

Ok so I should assign the outside interface of the PIX a 10.1.10.0 address, configure that as a DMZ host on the modem and then what?  How can I use my static IP's and how should I change my static routes on the PIX?  This sucks....

 

by: jodylemoinePosted on 2009-10-03 at 08:50:21ID: 25485771

Have a closer look at the second comment in the thread.  There's no using 10.1.10.0 addresses on the PIX, just the assigned static IP address.

A number of other posts I've been looking at have indicated that the tech support guys at Comcast will make the 8014 work in bridge-mode (or the closest thing that the 8014 approximates) for you so that you can pass the public addresses in...  which saves you a lot of headaches.

 

by: lkingpinlPosted on 2009-10-03 at 09:33:41ID: 25485892

I talked with comcast, they say everything is right on the modem.  Do is the gateway route wrong on the PIX?  I have to have this up this weekend.  We start back to work on monday.  Thanks for your help thus far

 

by: jodylemoinePosted on 2009-10-03 at 09:43:13ID: 25485921

It's not so much that something is *wrong* on the Comcast box as that it isn't set up correctly for your application.  Did you ask Comcast to put the device in bridge mode so that you can use the public IPs on the LAN?  If so and they were unable to assist further, try the following:

Plug a computer into one of the other LAN ports of the Comcast box and get into the web management interface on the unit.  Go to the "SMC Firewall" setting and select "Disable Firewall for True Static IP Subnet Only" and see if that gets everything up and running.

Many others have made this configuration work, so it's just a matter of hammering out the details.  Shouldn't take too long to figure out where the wrench in the gears is.

 

by: lkingpinlPosted on 2009-10-03 at 09:46:30ID: 25485925

The disable firewall is selected but still no luck.  

 

by: jodylemoinePosted on 2009-10-03 at 09:48:27ID: 25485928

Can you ping the default router (outside) from the PC or the PIX?

 

by: lkingpinlPosted on 2009-10-03 at 09:49:56ID: 25485931

I cannot ping 173.13.19.86 from either.

 

by: lkingpinlPosted on 2009-10-03 at 10:13:53ID: 25485990

check that, I CAN ping the GW (173.13.19.86) fom the PC that is connected to the LAN and assigned an address on 10.1.10.0 subnet, but I cannot ping from the PIX

 

by: lkingpinlPosted on 2009-10-03 at 10:58:54ID: 25486162

any thoughts?  comcast is clueless as to why i cannot use my static IP's in the manner I want.  What if I use the firewall on the modem for NAT translation and hand out a LAN IP to the PIX? It's kind of a screwed up way to pass the public IP's through, but it might work.

 

by: lkingpinlPosted on 2009-10-03 at 11:41:48ID: 25486345

I got it working.  Comcast is stupid.  I just did NAT translations on the modem itself and gave the PIX a LAN IP from the modem and put it in the DMZ host so it can get out.  All my clients go through our proxy anyway.  But proxy, VPN and FTP are all working.  Thanks for your help, i'll reward you the points.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...