Solved

506E cable modem setup

Posted on 2004-04-27
8
346 Views
Last Modified: 2010-04-09
I've just acquired a 506e I want to use it to connect to a cable modem, I'm new to this so would appreciate some help

I have managed to setup the DHCP server, when I do an ipconfig I can see an IP number in the range I.ve allocated.

When I do a show IP I can see the IP my ISP has automatically allocated me (this is DHCP too)

I can ping the 506E ok but I cannot seem to reach anything on the outside

I cannot access anything from by browser either.

I've obvously missed somethingm can anyone help.
0
Comment
Question by:mitnick69
  • 3
  • 3
  • 2
8 Comments
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10933525
Post up the config if you can ?
A PIX, out of the box, should allow anything from the inside to see the outside via PAT, unless you've added access-lists or want to do anything advanced.
Make sure you reboot all peripheral devices the PIX is connected to to clear out ARP caches, and ensure you interfaces on the PIX are set to 100full.
0
 

Author Comment

by:mitnick69
ID: 10933587
How do i reset it to the factory setting,  I've been changing settings. (I think I'm using version 6.1)

I'll have to get the config tomorrow as I've shut it down right now,  how do I show the config?

How does the PIX handle DNS?  I'm using a belkin wireless router currently and have to manually configure the DNS in my network connections.  DO i just use obtain IP/DNS automatically?

What should my connection settings be once I've reset the PIX? (I'm using XP)

Regards,
John
0
 
LVL 4

Expert Comment

by:hawgpig
ID: 10934132
MIT,
   are you connected to a qwest network....
If you are this will get a bit tricky
you will have to dual nat from the cable modem to the pix
then nat from the pix to the inside network....
Let me know if you are setting up on a qwest pppoa network
We may be able to get this going for you....

you don't have to have the pix pluged into the network to get the config
you can plug in the console cable (blue and flat) to the console
and using hyperterm get into the pix
once there type
en <enter>
then hit enter when the pix asks for a password
(assuming you havent changed the password)
If there is a password and you know it use it here
Then type
when you get the # prompt type
con t
then type
write term
This will give you a config....
Good Luck
0
 

Author Comment

by:mitnick69
ID: 10941760
Here's my config,  All I want to do is have one IP in the outside that my ISP provides via DHCP,
internally I have a network with 5 pc's I want to be able to access the net etc on each of the pc's, I'm happy either specifying IP's or obtaining them from the firewall.


PIX Version 6.1(4)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password  
passwd  
hostname pixfirewall
domain-name mypix.com
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
pager lines 24
interface ethernet0 auto
interface ethernet1 auto
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.1.2 255.255.255.255 inside
pdm history enable
arp timeout 14400
global (outside) 1 192.168.3.1-192.168.3.50 netmask 255.255.255.0
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 192.168.1.2 255.255.255.255 inside
http 192.168.1.5 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet timeout 5
ssh timeout 5
dhcpd address 192.168.1.5-192.168.1.20 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 23

Accepted Solution

by:
Tim Holman earned 30 total points
ID: 10947435
Do this:

no global (outside) 1 192.168.3.1-192.168.3.50 netmask 255.255.255.0

The above line is incorrect and may well be confusing things.

Also check you're getting a default route on the PIX - 'sh ip route'.

Can you ping the Internet from the PIX console ?
0
 
LVL 4

Assisted Solution

by:hawgpig
hawgpig earned 20 total points
ID: 10951193
Check to make sure you are getting your dns info from your isp...
open a browser on a machine on your internal network and type this ip adddress in the address bar
198.133.219.25
If you get the cisco web site...the issue is the dns...
add the following
dhcpd dns [primary dns ip address] [secondary dns ip address] (as given by your isp)
If the ISP does not send dns info the auto_config will not work...
you will have to add the above command...
If you want to use ping for testing you will need to set up an access-list on your config...
access-list inbound permit icmp any any echo-reply
access-list inbound permit icmp any any unreachable
access-list inbound permit icmp any any time-exceeded
access-group inbound in interface outside
Good Luck
0
 

Author Comment

by:mitnick69
ID: 10953582
thanks for the help.  It's working fine now, think it was the no glabal setting that did it

Just about to give up tonight when I realised I'd  I broken the number one rule though.... remember to plug the cable in!!!
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10957335
...you could have got away without mentioning that !  ;)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now