?
Solved

506E cable modem setup

Posted on 2004-04-27
8
Medium Priority
?
365 Views
Last Modified: 2010-04-09
I've just acquired a 506e I want to use it to connect to a cable modem, I'm new to this so would appreciate some help

I have managed to setup the DHCP server, when I do an ipconfig I can see an IP number in the range I.ve allocated.

When I do a show IP I can see the IP my ISP has automatically allocated me (this is DHCP too)

I can ping the 506E ok but I cannot seem to reach anything on the outside

I cannot access anything from by browser either.

I've obvously missed somethingm can anyone help.
0
Comment
Question by:mitnick69
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10933525
Post up the config if you can ?
A PIX, out of the box, should allow anything from the inside to see the outside via PAT, unless you've added access-lists or want to do anything advanced.
Make sure you reboot all peripheral devices the PIX is connected to to clear out ARP caches, and ensure you interfaces on the PIX are set to 100full.
0
 

Author Comment

by:mitnick69
ID: 10933587
How do i reset it to the factory setting,  I've been changing settings. (I think I'm using version 6.1)

I'll have to get the config tomorrow as I've shut it down right now,  how do I show the config?

How does the PIX handle DNS?  I'm using a belkin wireless router currently and have to manually configure the DNS in my network connections.  DO i just use obtain IP/DNS automatically?

What should my connection settings be once I've reset the PIX? (I'm using XP)

Regards,
John
0
 
LVL 4

Expert Comment

by:hawgpig
ID: 10934132
MIT,
   are you connected to a qwest network....
If you are this will get a bit tricky
you will have to dual nat from the cable modem to the pix
then nat from the pix to the inside network....
Let me know if you are setting up on a qwest pppoa network
We may be able to get this going for you....

you don't have to have the pix pluged into the network to get the config
you can plug in the console cable (blue and flat) to the console
and using hyperterm get into the pix
once there type
en <enter>
then hit enter when the pix asks for a password
(assuming you havent changed the password)
If there is a password and you know it use it here
Then type
when you get the # prompt type
con t
then type
write term
This will give you a config....
Good Luck
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 

Author Comment

by:mitnick69
ID: 10941760
Here's my config,  All I want to do is have one IP in the outside that my ISP provides via DHCP,
internally I have a network with 5 pc's I want to be able to access the net etc on each of the pc's, I'm happy either specifying IP's or obtaining them from the firewall.


PIX Version 6.1(4)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password  
passwd  
hostname pixfirewall
domain-name mypix.com
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
pager lines 24
interface ethernet0 auto
interface ethernet1 auto
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.1.2 255.255.255.255 inside
pdm history enable
arp timeout 14400
global (outside) 1 192.168.3.1-192.168.3.50 netmask 255.255.255.0
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 192.168.1.2 255.255.255.255 inside
http 192.168.1.5 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet timeout 5
ssh timeout 5
dhcpd address 192.168.1.5-192.168.1.20 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 120 total points
ID: 10947435
Do this:

no global (outside) 1 192.168.3.1-192.168.3.50 netmask 255.255.255.0

The above line is incorrect and may well be confusing things.

Also check you're getting a default route on the PIX - 'sh ip route'.

Can you ping the Internet from the PIX console ?
0
 
LVL 4

Assisted Solution

by:hawgpig
hawgpig earned 80 total points
ID: 10951193
Check to make sure you are getting your dns info from your isp...
open a browser on a machine on your internal network and type this ip adddress in the address bar
198.133.219.25
If you get the cisco web site...the issue is the dns...
add the following
dhcpd dns [primary dns ip address] [secondary dns ip address] (as given by your isp)
If the ISP does not send dns info the auto_config will not work...
you will have to add the above command...
If you want to use ping for testing you will need to set up an access-list on your config...
access-list inbound permit icmp any any echo-reply
access-list inbound permit icmp any any unreachable
access-list inbound permit icmp any any time-exceeded
access-group inbound in interface outside
Good Luck
0
 

Author Comment

by:mitnick69
ID: 10953582
thanks for the help.  It's working fine now, think it was the no glabal setting that did it

Just about to give up tonight when I realised I'd  I broken the number one rule though.... remember to plug the cable in!!!
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10957335
...you could have got away without mentioning that !  ;)
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question