• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1048
  • Last Modified:

Pix 501 DHCP

Hi All,
I have just moved, and now have a cable connection over TV cable. I have no control over the modem which was supplied to me as it controls phone/tv and Internet. Plugging directly into modem I can get internet. I have configured my pix so I can plug the pix directly into the cable modem. this works no prob. When I connect a pc to the pix i have internet and all works fine. What I want to do is connect a wireless gateway (netgear WG602) to the pix, and let the pix supply the netgear with IP address as needed. The problem seems to be that the wireless gateway doesnt seem to get address from the pix. ( Note when I plug the netgear directle to modem router I can also connect to the internet without any problems, but I want the pix between the wireless gateway and cable modem.

I have included the conf of the pix below, any help on this would be great.

sh conf
: Saved
: Written by enable_15 at 00:29:22.217 UTC Fri Jan 1 1993
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password t**************** encrypted
passwd ************ encrypted
hostname 501
domain-name Walsh
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 192.168.1.0 lan-hugh
name 192.168.1.6 hugh
access-list outbound permit tcp host 192.168.1.3 any eq ftp
access-list outbound permit tcp any any range 6346 6349
access-list outbound permit tcp host 192.168.1.3 any eq 8080
access-list outbound permit tcp host 192.168.1.3 any eq 8180
access-list outbound permit tcp host 192.168.1.3 any eq 8880
access-list outbound permit tcp any any eq 6241
access-list outbound permit tcp host 192.168.1.3 any eq 5100
access-list outbound permit tcp any any eq 3690
access-list outbound permit udp host 192.168.1.3 any eq 22999
access-list outbound permit udp host 192.168.1.3 any eq 2213
access-list outbound permit udp host 192.168.1.3 any eq 2231
access-list outbound permit udp any any eq 15561
access-list outbound permit udp any any eq 14567
access-list outbound permit udp any any eq 23000
access-list outbound permit udp any any eq 6666
access-list outbound permit tcp host 192.168.1.3 any eq 28900
access-list outbound permit icmp host 192.168.1.3 any echo
access-list outbound permit udp any any eq 2213
access-list outbound permit udp any any eq 4500
access-list outbound permit udp any any eq isakmp
access-list outbound permit tcp host 192.168.1.3 any eq ssh
access-list outbound permit tcp any any eq 81
access-list outbound permit tcp any any eq 6881
access-list outbound permit tcp any any eq https
access-list outbound permit tcp any any eq www
access-list outbound permit udp any any eq domain
access-list outbound permit tcp any any eq 5100
access-list outbound permit tcp any any eq 5150
access-list inbound permit tcp any any eq 5150
access-list inbound permit udp any host 217.91.63.36 eq isakmp
access-list inbound permit udp any host 217.91.63.36 eq 4500
access-list inbound permit udp any any eq 6346
access-list inbound permit udp any any eq 14567
access-list inbound permit tcp any any eq 5100
access-list inbound permit icmp any host 217.91.63.36 echo-reply
access-list inbound permit icmp any host 217.91.63.36 unreachable
access-list inbound permit icmp any host 217.91.63.36 time-exceeded
access-list inbound deny icmp interface outside any
access-list inbound deny ip any any
pager lines 50
logging on
logging timestamp
logging monitor debugging
logging trap debugging
logging queue 0
logging host inside 192.168.1.3
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
http server enable
http lan-hugh 255.255.255.0 inside
snmp-server location ********
snmp-server contact *************
snmp-server community ******
no snmp-server enable traps
tftp-server inside hugh tftp-root
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto ipsec transform-set sota esp-aes-256 esp-sha-hmac
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 14400
isakmp policy 50 authentication pre-share
isakmp policy 50 encryption aes-256
isakmp policy 50 hash sha
isakmp policy 50 group 5
isakmp policy 50 lifetime 14400
telnet timeout 5
ssh ************* 255.255.255.240 outside
ssh lan-hugh 255.255.255.0 inside
ssh timeout 15
management-access inside
console timeout 0
dhcpd address 192.168.1.4-192.168.1.15 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd domain donkey
dhcpd auto_config outside
dhcpd enable inside
username *********************************** encrypted privilege 15
terminal width 80
Cryptochecksum:623783d9790efe9516c9b697b41a7424


0
Huwa
Asked:
Huwa
1 Solution
 
Darkstriker69Commented:
Technically a wireless gateway does not need an address to provide wireless users with internet access, it is just used for configuration purposes. Are you saying that computers connected to your wireless gateway are not able to retrieve an ip address? You can test this by connecting a laptop to your wireless gateway and seeing if the laptop retrieves an IP address from DHCP. If it does not you might need to expand your ip range as you only have 12 ips available (or use a crossover cable if your not). If it does you have other issues such as you may need to reboot your cable modem to match the mac of your pix outside interface to the cable modem.

In any event you have all the statements you need for DHCP.
0
 
HuwaAuthor Commented:
Hi Dark,

Problem is resolved, it was the actual configuration of the gateway I had wrong,
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now