Linksys router behind a PIX 501 causing applications to fail?

I didn't set this up, but will this configuration work or cause problems?

                dsl modem
                 pix 501
                   /       \
                  /         \
                 /           \
             server     wrt54g
                          /   |      \
                         /    |       \
                        /   laptop   \
                    desktop         wrt54gp2

Single static public ip from dsl provider; public ip of X.X.X.116 port forwards to server running Windows 2003 Small Business Server with Exchange 2003. The server is assigned an inside address of It acts as a file server with several shares and as a domain controller.

The Linksys is assigned an ip address of and has a local address of Default gateway on the Linksys is (Pix). The Linksys WAN port is plugged into the Pix. Client pc's are plugged into the Linksys and the Linksys acts as a DHCP server handing out ips on the 192.168.1.x network

Devices behind Linksys seem to access the server without restriction. The server cannot access devices behind the Linksys.

Will this configuration work? The reason I ask is an application running on the desktop and laptop which uses an Access database on the server that fails periodically. Word documents and Excel spreadsheets on the server sometimes stop responding, and clients that have drives mapped to the server lose their connection.

Wouldn't a better configuration be to use a cross-over cable from the one of the switch ports on the Linksys to the Pix, leave the WAN port on the Linksys empty, and stop the dhcp process on the Linksys? That way every device is using the same network address (192.168.35.x) and the Linksys acts as a wireless bridge.

There are a number of significant problems that are occurring with various applications. Could the above configuration be causing this?

Thoughts and replies are appreciated, the quicker, the better.


Who is Participating?
EricConnect With a Mentor IT ManagerCommented:
Double nat can work but I have found it to cause spiratic problems as you describe sometimes.  I agree, why protect a few workstations more than the DC running exchange :|  

I be more concerned about that sbs server if its acting as a DMZ.  Because im sure eventually it will be portscanning my network or sending me spam ;)
pjtemplinConnect With a Mentor Commented:
Your suggestion of a better configuration is exactly right.  The Linksys is NATting, thereby preventing external access into its LAN.

For clarity, "The Linksys is assigned an ip address of" should be written as "the linksys WAN address is".  Devices don't have IP addresses*, interfaces do.

* Cisco loopback addresses and similar virtual interfaces are an exception.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.