trying to install a 2nd router in order to keep a computer on a 2nd subnet...can't get to internet

sf49sfan
sf49sfan used Ask the Experts™
on
I have a Cisco Pix 501 firewall currently setup.   I'm looking to setup a 2nd subnet so I can put one computer on it.   That computer needs to have internet connectivity.   I tried to install a Linksys RVS4000 behind the Pix, configured it with a 192.168.2.1 address an have disabled its DHCP server.   What else do I need to go to get that one computer behind the RVS to get to the internet?  
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
you need to have 2 IP addresses on your Linksys - one on the WAN interface, facing PIX, the other will be the Gateway address for the second subnet. If you want to disable the DHCP - fine.
as an example, if you have class A address on the rest of the network, it will be something like:
PIX --> [10.15.15.134 - linksysWAN] ----> [192.168.2.1 - Linksys LAN]--->[192.168.2.100 - ClientPC]

that should work. but if you do have a domain on your main network, your computer wont be able to see any shares etc, without additional work. also possible that depending how tight the security at your place is, you may not have inet access with that setup at all, no matter what.

Commented:
lost a sentence there in the first post.
"...if you want to disable DHCP - fine, but you have to statically assign the address to the client computer to be in same subnet as the "internal" address of the linsys (aka Gateway).
Commented:
Lisij is correct.  
Just another thought, if you have DHCP running on your main network, you can set the Linksys router to get it's WAN IP through the DHCP on the main subnet.  Then on your linksys, set the Lan IP at 192.168.2.1/24 and turn on DHCP.  

This way DHCP from your main network will setup your Linksys (IP & DNS) for internet access, and the DNS information will get passed down to your single computer on the new subnet.  The Linksys should route through the cisco to the internet.  

I think this Lisij was alluding to this in his last statement - It would be easier to use DHCP because you wouldn't have to setup all the DHCP client settings manually.

If there is a need to have a certian IP on your isolated workstation, you could manage that through the DHCP - IP scope, or do everything static like in Lisji's post.

Author

Commented:
Thank you very much for your feedback.   I split the points cause Lisij jumpedi n first but I understood dosdet2's message more.   I hope that is satisfactory for both of you.   Thank you both for your timely and wonderful responses.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial