Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Pix 501 Home Setup for ADSL

Status
Not open for further replies.
mRgEE

mRgEE

IS-IT--Management
Oct 13, 2003
61
GB
Hi,

I have just purchased a Pix 501 for my network.
Currently I am using a Netgear DG834G Wireless Router / Modem / Firewall for the Network as shown below: -

Internet < > DG834G < > LAN

I need to implement the Pix behind the DG834G as such: -

Internet > < DG834G > < 501PIX > < LAN

I have been assigned two public IP addresses from my ISP.

My thoughts were to assign public IP 1 to the DG834G and public IP 2 to my Pix. However, as the DG834G is acting as a Wireless Access Point for my LAN this would be 'in front' of the PIX.
Question is would I still be able to utilize the Wireless Access Point for my wireless LAN clients with the PIX behind the DG834G?

The main reason for the Pix is to utilize VPN as well as hosting multiple services such as https on different internal servers.
 
Sort by date Sort by votes
With that proposed setup - The wireless clients will need to VPN in through the pix to gain access to the internal lan.
You can move the netgear inside your pix and that would remove that restriction as well as a lot of setup hassle.


Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
If I was to move the netgear inside the pix then how would the netgear (or pix) connect to the Internet via my ADSL connection? Would the Netgear still be able to connect to the Internet??? Or would this require connecting a seperate ADSL modem directly to the Pix and then configuring the ADSL through this?
 
Upvote 0 Downvote
The netgear would get an external ip (relative to itself) from your internal LAN. The wireless users would get an IP from the internal DHCP of the netgear.

Internet <-> ADSL Modem <-> PIX <-> LAN

The DSL modem has an ethernet connection, just put that in the outside interface of the pix.



Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
So what your saying is replace the netgear with a new ADSL modem connected directly to the pix, and put the netgear behind the pix. I get that, I don't understand what you mean by "The netgear would get an external ip (relative to itself) from your internal LAN". Are you able to explain in more detail? Thanks.
 
Upvote 0 Downvote
Ok, I didn't know that your netgear WAS the DSL modem.
If you can justify the extra equipment, I would get a seperate DSL modem (should be supplied by the ISP.)

Now for the setup. If the netgear has an ethernet jack for the outside interface, you just plug that into the switch attached to the pix. Now either have the pix, dhcp server or statically assign an address to the netgear outside interface (It will be an address that is on your internal lan) and the inside interface of the netgear will be a different subnet from your internal lan. What that phrase meant is that the netgear will have an external address as far as it is concerned but that address will be one on your local lan, and not a global IP that can be reached from the internet.



Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Hi,

I can't see a way you can utilise the Netgear as an access point if you need it on the inside of the PIX. Can your budget stretch to a Cisco 107 router and a separate access point (the Cisco 107 is about £140.00, the Linksys WAP54G is quite cheap - about £35.00)? If so, assign 1 public IP to the107, 1 to the PIX outside interface, forward traffic from the 107 to the PIX and use the access point on the PIX inside interface. Ditch the Netgear.

Regards Colin.
 
Upvote 0 Downvote
Thanks for all the replies.

I think I will ditch the Netgear (have grown quite attached to this device (pun) due to it's ease of use and stability).

I currently have a spare wired ADSL router kicking about in the house (bt voyager) that I could probably utilize to connect to the internet in front of the pix. In this scenario would I have to assign my public IP address 1 to the wired router and my public IP address 2 to the pix? Or is only 1 public IP address needed?

Also I am considering connecting a plain old ADSL modem to to the PIX rather than a router. Does anyone have recommendations on specific models or will any old ADSL modem with ethernet suffice?

Any views on whether I should use "Router > Pix" or "Modem > Pix"???

Behind the PIX I will purchase a new Wireless Access Point.

This seems to be the most secure option.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
809
Johnkite
Johnkite
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
685
XLNTech1
XLNTech1
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
202
xwray
xwray
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
999
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
283
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top