Cisco Firewall :: Connecting ASA 5510s To A DSL Modem With Static IP Range
Feb 27, 2013
I have DSL service with AT&T and I have a Motorola 3360 modem. We also have a /28 network of static IPs from AT&T. When I login using PPPoE on the modem it gets x.x.x.190 as it's address. Our range is 177-190. I have two ASA 5510s in an active/passive failover configuration with the Ethernet port of the modem and one interface of each of the ASAs on a dumb layer 2 switch.
I want to setup this DSL connection as a backup to our main Internet connection. I cannot figure out what setting on the DSL modem to use to make this happen. I know I cannot use PPPoE in a failover setting so I can't have the modem in bridged mode. There is some mode where it passes the 190 address to the connected device and when I plug in a PC directly to the modem and set it for DHCP it does get 190 as it's address. So do I configure the ASA interface as 190 with one of the other addresses as it's standby? What do I set my route on the ASA to for use of this connection? Can I then make use of these other static addresses when plugging other devices into the layer 2 switch?
View 4 Replies
ADVERTISEMENT
Oct 23, 2012
I have five (5) sites all connected via static VPN tunnels. They are all using Cisco ASA 5510s running 8.4(4)1. Any internal IP on each site can ping any IP on a remote site, because of the static VPN tunnels. I have the external IP (routeable) addresses connecting to each other.
Site A: 10.1.0.0 /24
Site B: 10.2.0.0 /24
Site C: 10.3.0.0 /24
Site D: 10.5.0.0 /24
Site E: 10.10.0.0 /20
I have remote users who connect using Cisco AnyConnect 3.1 to Site E. They get a static IP within the 10.10.100.0 /24 subnet (vpnpool00) and can access anything in the 10.10.0.0 /20 subnet. So far, so good.No management wants users to access devices within the other sites, specifically Site A using teh same AnyConnect connection. In other words, they get an Ip address of say, 10.10.100.5 and now need to access a server on Site A's subnet or 10.1.0.5.I have checked my NAT statements and they appear to allow this, but so far when I do a ping I get the following: Routing failed to locate next hop for ICMP from outside: 10.10.100.5/1 to inside: 10.1.0.5/0 What am I missing? Is there a NAT statement that is wrong, or an access-list statement or possibly a static route?
View 10 Replies
View Related
Dec 16, 2012
Here's my basic setup:
Computer A:
IP- 192.168.0.3
Mask- 255.255.252.0
Gateway- 192.168.0.2
[Code]....
Computer A can ping Firewall 1 and Firewall 2, but not Computer B. Computer B can ping Firewall 1 and Firewall 2, but not Computer A. Firewall 1 can ping Firewall 2, Computer A, and Computer B. Firewall 2 can ping Firewall 1, Computer A, and Computer B.
Why can't the computers ping each other, but their default gateways can? I've specifically allowed ICMP any any on all the affected interfaces.
View 6 Replies
View Related
Feb 9, 2012
I've been given the task of adding a second ASA 5510 to a live ASA and making sure that the active/standby failover works, do I need a crossover cable?
View 4 Replies
View Related
May 30, 2011
We have several ASA5540s and 5510s (v8.4.1) being managed by CSM (4.1) Every so often several of the ASAs will send SNMP messages to CSM stating very high CPU utilization reached, usually between 150% and 400% - sometimes as high as 4million %.Obviously you can't get greater than 100%.
View 1 Replies
View Related
Nov 9, 2011
Is it possible to use the USB ports on a ASA5510's to copy files onto the flash?
I have not been able to find any ionfo on this in the users guides ?
View 2 Replies
View Related
Sep 23, 2011
I have a Pix 501 running 6.3 code sitting behind a cable modem. I use ip address outside dhcp setroute because I don't have a dedicated IP from my cable provider.
How do I configure the Pix to host VPN connections from my iPad when offsite? Since the outside interface is going to change, I can't configure a static IP.
View 1 Replies
View Related
Feb 18, 2012
I have a SRP547W which I'm trying to replicate a configuration I had on an old Cisco 847 that recently died.
My ISP has allocated me a /29. The DSL configuration means that the IP address on the PPP session is assigned randomly. I have a mix of internal devices on a private IP range and a few devices with publically accessible addresses. All of the devices on the internal network need to be NATted to a public IP from the range allocated to me.
I can see that I can use the software or hardware DMZ to set up the servers, but I can't see any way to configure the external NAT address.
View 1 Replies
View Related
May 21, 2011
I wanted to move to the cisco arena, and having a bugger of a time figuring out simple nat/pat rules combined with access lists. I've been reading Richard Deal's Cisco ASA configuration book, googling the heck out of this simple problem and can't see what I'm missing.
I have an ASA 5505 unlimited security plus license running 8.2(3) and a simple network, 192.168.0.x internal, 192.168.3.x dmz (not even touching that yet!) and outside I have a /29 subnet of addresses, 25 is the gateway, and 26-30 are my addresses.
I have simple dynamic nat set up on the .26 address to nat to 192.168.0.x. All I'm trying to do is port forward a simple tcp port I set for my linux server (192.168.0.2) on the inside, for arguement's sake, it's 2222 (it's not really). My outside vlan 50 is X.X.X.226 255.255.255.248 , can I make a static nat (inside,outside) x.x.x.226 192.168.0.2 netmask 255.255.255.255 ?
I tried using (inside,outside) x.x.x.230 192.168.0.2 netmask 255.255.255.255 and that didn't work either. Is it not possible to use two external addresses to hit the entire /24 range AND a single server?
My access rule for this nat is permit tcp any 192.168.0.2 eq 2222 (where I'm using 2222 for my ssh port). then I apply that access list to the access group interface "outside".
I thought the outside interface would do a proxy arp (since I do not have the sysopt noproxyarp command) for my 227,228,229, and 230 addresses where .226 is my internal nat for all my internal machines i.e. 192.168.0.1 -> x.x.x.226 . I had this working like a charm before with my fortinet, so I know I have systems listening.
View 3 Replies
View Related
Feb 25, 2013
Region : Australia
Model : TD-W8960N
Hardware Version : V4
Firmware Version : TD-W8960N_V4_130205_Beta
ISP : TPG
I have an Optus Home Zone (mobile cell tower) that requires ports open.
Port
123 UDP
500 UDP
4500 UDP
I have assigned the Home Zone a Static IP outside the DHCP range and set the above Ports on the NAT, Virtual servers to that IP address.
I have used nmap to scan the ports and it provides open/filtered status for all of them.
Here is the kicker for me, i use a DGN3500 netgear (which keeps dropping WiFi hence its replacement) and enter the ports and it works straight away. Un plug and put the Tp-Link and nothing.
I use Eset Smart Security, could that be the problem?
View 1 Replies
View Related
Nov 7, 2011
I am currently working on a job that has roadside equipment sending in data to an office-based instation server via a private APN. This is currently working fine and data is being received. However, for maintenance reasons its is necessary to connect from the instation server back out to the roadside equipment's web GUI. Currently this isn't working! I think this is because they are on different IP ranges. [code] I've tried messing about with adding routes and changing the mask address but so far have had no luck.
View 4 Replies
View Related
Dec 20, 2012
Although I haven't looked through all the forum topics I couldn't find anything very similar to my situation. I have a rather large house and my modem/router (Netgear DGND3300 v2 due to DSL) is in the very corner. Given this most of the opposite corner of my house gets either poor or no connection; however, I do have an ethernet cable run across the house through the basement to my home theatre setup. This is where I encounter another problem, I need multiple devices to be connected via ethernet and I also need to have wireless in that same area. In my mind I picture myself connecting a second router to this ethernet cable through which I could have wired connections to all my devices, and a second router broadcasting wirelessly. I'm familiar with some types of wireless bridging, but I'd rather use more of a wired bridge concept if possible, but I've never really seen something like this. The question is, is this possible? Or, what is another possible way to achieve the same results? The only other thing I can think of is to run an ethernet hub from the original wired connection to my home theatre so I can connect multiple ethernet devices and run a separate wireless extender or something, but this just seems pricy.
View 2 Replies
View Related
Jun 26, 2012
Im having problems staying connected to my internet. I have Verizon Fios router that is wired into this desktop i also have 2 laptops and now im trying to connect a second desktop wirelessly to the router. My Netgear Rangemax PCI picks up the signal at 68% and connects to the router. But periodically it disconnects from the router and i click connect to a network icon and it shows that i have no wireless internet as if no PCI card is installed so i wait a min then it shows up again and windows network diagnostic kicks in and "resets the network adapter" and all is well for about 15min till it disconnects again.
View 1 Replies
View Related
Apr 7, 2011
My Dell XPS (Windows XP) is not connecting to my network..can't get anything to show up on the networks in range list. My other laptop is fine. But I just upgraded to Firefox 4 on the Dell, and then the connectivity went askew.
View 2 Replies
View Related
Sep 15, 2011
I've put in an SRP-527W for a client and got it working fine. However, it's not connecting using the 5 static IP addresses BT gave me. Where do i input the 5 static IP's on the router that it should connect using?
View 1 Replies
View Related
Aug 4, 2011
I have a wireless network in a 2 storey house. The internet access and 1 WRT54GS router is on the 1st floor (using frequency channel 11). The wireless single doesn't do very well on the second floor unless there is a device with a strong antenna. I recently purchased a WET610N Bridge and I have an extra WRT54GS (using frequency channel 1).
I would like to be able to add wireless to the 2nd floor by attaching the extra router to the bridge which would wirelessly connect to the router with the internet.
View 2 Replies
View Related
Feb 16, 2012
My adolescent son wants to create a server to host video games. We, the parents, want to separate our computers and files from all the crazy security risks my son and his friends take, while allowing them to learn by their mistakes.I want 2 separate networks, or does this make sense? Would love to have our computers (assorted PC's, Macs, both laptops and desktops, running Vista Ultimate, Windows 7, OSX 10.5 and up), ipods, TV's, Blu-rays, wireless printers, etc. isolated from our son's computers, ipods, TV's, XBox, Blurays, wireless printers, (as well as the digital stuff his friends bring over).Since security is the reason for this, would love any tips over and above Brian Posey's article on Tech Republic (5 common security mistakes people make on setting up wireless networks, or something like that)We have Optimum high speed (testing up to 65 mps) internet service and 5 static IP addresses to work with.
View 4 Replies
View Related
Apr 16, 2013
I had an WRVS4400 (but didn't use the wireless), it it died. I'm replacing with an RVS4000. I have all the settings from the prior router, but my question has to do with the DSL modem in use in conjunction with the router, because (in my absence) my wife had a conversation with SBC, trying to use the hook to the modem directly and ended up altering settings on the modem that may affect the RVS4000 when I go to install it upon its receipt from Amazon tomorrow.
We have a business that uses a third party software vendor's website; their servers access our data on our server behind the router. So we use a static IP address, and port forwarding. No problem there. But I could have sworn that, with the WRVS4400 we used to have the modem configured as bridged; as of this morning, the modem shows PPPoE, and my wife can't recall what SBC had her do in that regard!
So, for the situation I've described, should I put the modem into bridge mode (and porting it into the RVS4000). Like I said, we have a static WAN IP address, and a range of more static IP addresses.
View 1 Replies
View Related
Aug 3, 2011
I currently have service with AT&T DSL. I have their Motorola Netopia 3347 modem that is set to Bridged mode and going to a Linksys WRT54GL router, which then goes out to a Cisco 24 port switch.AT&T has given us a Static IP to use, which was set up and working just fine when the modem was NOT in Bridged mode. Now that I have it set to bridge mode (as per a request by our VoIP provider), our IP address is no longer static at WhatismyIP.com...instead it changes frequently. However, I have a back up server here that needs to have a static IP so offsite back ups can find our modem/router and then the back up server.I am running Tomato software on the Linksys admin. When I go to the Basic->Network section, the WAN/Internet is set to PPPoE with the AT&T username and password that was originally used in the Netopia modem entered in. If I set this option to Static, it removes the username/password fields, so I do not think that my internet would work that way. Or, would the Netopia use the username/password to authenticate, and then just pass it through to the Linksys in bridge mode and THEN it would use the static IP? what I need to do to make the Linksys grab our Static IP instead of changing? Neither AT&T or the VoIP company can figure it out...
View 2 Replies
View Related
Feb 27, 2011
I currently have a WAG354G configured with a static IP address acting as a DHCP server. Wireless is off, and instead I have an Apple Airport Extreme basestation in bridge mode to which my client machines connect wirelessly.
Instead I want to pass through the static IP address to the Apple basestation, and use this as my DHCP server.
Ultimately I want the Apple basestation to pass the static IP address through to my home server, and also supply DHCP addresses to other clients.
View 5 Replies
View Related
Dec 11, 2012
how to properly configure 2 different hardware devices to extend the current wifi signal of my home network.I'm using a Motorola SBG6580 DOCSIS 3.0 cable modem as my primary access point (AP) and a Netgear N300 DGN2200v1 ADSL2+ modem router which will function "behind" the SBG6580 in repeater mode. I previously had DSL for my internet connectivity but recently switched to broadband cable for faster speeds.Due to the layout of my home, I cannot physically connect the Netgear router to the Motorola modem via ethernet cable and need both devices to communicate wirelessly. I have already done extensive reading on this subject and best practices suggest that, whenever possible, both units should be the same brand/manufacturer. The Netgear appliance does have the capability of being configured as a repeater so if I don't have to buy a "network extender" that would be my preference.I understand that both units must be configured to have the same SSID, subnet, wireless channel and security encryption. In repeater mode the Netgear router can't be configured to use WPA2-PSK so I need to use WEP instead.
View 1 Replies
View Related
Jul 11, 2011
There is a PIX firewall and it has this configured on it.static (inside,outside) tcp interface 3389 192.168.1.250 3389 netmask 255.255.255.255 0 0.This line of code works ok for port 3389 but I want all tcp ports to be translated. Not just 3389.
View 2 Replies
View Related
Aug 11, 2011
Two days ago we received our new phone land line from Mediacom. We already had internet service from them so we decided to get a phone line. When they came over two days ago, we received a new modem, RCA DHG535-2. The issue we are experiencing is that the modem is not connecting to our rt n-16 ASUS wireless router. The modem works fine without the router but we need it for school work. The troubleshooter says "DNS is not available".A few things i tried was to unplug everything and reconnect them back from the modem to the computer.It usually works when i had trouble in the past but it seems nothing is working.
View 4 Replies
View Related
Jul 21, 2011
I have a wireless modem. Its main connections are power, and phone line. Since its a wireless modem it is not connected to my PC through wire. i have a Data card USB which is plugged in my PC. The wireless modem senses this Data card and my internet was working normally. I live in New-Zealand and I was having a Telstra Clear connection with their modem and Data card. Since it was acquired by Telecom, the internet provider had given me this new wireless modem but the Data card remains the same.Now this new wireless modem is not connecting. But the laptops are getting connected through WiFi. Since my PC has no WiFi, it uses this data card. My PC is not getting connected to the internet. I tried plugging in the USB Data card in and out, updating the drivers and stuff.I want my PC to get connected to the internet.
View 3 Replies
View Related
Jan 19, 2011
i have 2 laptops and would like to connect them to one cable modem. 1 laptop is connected to the modem by ethernet cable..how can i connect the other laptop sharing the same modem?
View 3 Replies
View Related
Aug 23, 2011
I HAVE AN I BALL BATON iB lr6111a and i need to connect the same to a router but it has only one rj45 port since the router dont have a modem how can i connect it to a modem with only one port.
View 1 Replies
View Related
Jul 7, 2011
I just had charter install a wireless cable modem into my house and it was put in my study. however, i would now like to get my xbox 360 running as well as the internet for my blue-ray player and tv. So i bought a wireless router.The modem from charter is called: Ubee wireless cable modem (from charter)The wireless router purchases is: Netgear N300 wireless router (wnr2000v3) I am trying to connect them wirelessly. Like I said above, my modem is in the study and the router is about 30 feet away in the living room area.
View 1 Replies
View Related
Feb 21, 2011
our client are using PSTN (modem) and is dialing up to our ftp box which is using ISDN (TA). according to them, they not facing any problem to dial up to other vendor which is using the same network infra (PSTN to ISDN). but, unfortunately in wont happen in my case which they (client) keep receiving the busy tone when they dialing to our ISDN no. i've set in our TA to accept both digital and analog calls and i'm using the DSS1 protocol which been told by our line provider.
View 2 Replies
View Related
Oct 25, 2012
The network card in my PC supports 1Gbit ethernet, my 2TB NAS also supports 1Gbit ethernet, however both of these are currently run through a 100Mbit cable modem/router thus reducing the connection speed. I was wondering if I purchased a 1Gbit switch and connected all my devices directly into that, then connected it into the cable modem, would the PC communicate with the NAS directly via the switch or would it go through the cable modem?
View 8 Replies
View Related
Jun 13, 2011
My aunt's connection was working fine until the other night. Apparently a storm we had knocked out their power and the next day they could not get on the internet. They were on the phone with tech support from their service provider and "had them reset the modem." This is basically all I could get as they are not very tech oriented.
From what I gathered: The modem and the router are not communicating with each other. The modem is a Motorola ADSL single port Ethernet modem, and the router is a Netgear Rangemax wireless router WPN824 v3 with the modem connected via the uplink port on the router. Whenever the ethernet cable to the PC is plugged directly into the modem, there is a connection. I exhausted my entire networking knowledge trying to figure out what could be causing this.
View 3 Replies
View Related
Jan 31, 2013
that possible to connect one telephone line with two modem (both are wireles)if possible then how?
View 1 Replies
View Related
Jan 10, 2013
I have two wireless modem/routers - a Ugo Mach5 CN458 and a Swift 4G - in two branches of my company that are distance apart and i want to connect them together so that they can be on the same network and workers in both branches can communicate and share files.
View 2 Replies
View Related
Oct 1, 2011
I have a Windows 7 computer with Comcast HSI. It's a very fast computer, but the modem was really outdated. So was the router. So, we got a brand new Cisco N+ Router and a Motorola SURFboard SB6121 modem with DOCSIS 3.0 and IPv6. However, when plugged in, the new modem will not consistenly connect to the internet. We called Comcast and they tried to send an activation code to the modem with it connected to the computer directly, but it was intermittently going online, then offline, then back online, then offline. We exchanged the modem for an identical one, but it's doing the same thing, so the modem can't be at fault here. Comcast tried to tell us that something was wrong with our coaxial cable, but our old modem - a Motorola SURFboard 4100 running DOCSIS 1.1 - was working just fine with the same cable. Another technological "improvement" has failed me.
View 7 Replies
View Related
