Connecting ASA 5510s to a DSL modem with a static IP range

Similar Messages

• Can connect to DSL modem with ethernet but no go on Airport Extreme.

  I've tried everything to get this working but I can't get it right. I just signed up with dslextreme.com (a AT&T reseller) after coming off AT&T. My 12" PB hooks up fine to the new D-link DSL-2320B modem via ethernet but the Airport Extreme doesn't seem to make a working connection to it.
  Using Airport Utility 5.2.1 I've set this airport up multiple ways to no avail, even resetting it and trying to set it up from scratch. I can get it all apparently happy, with green lights all around but there is no tranfer activity on the DSL modem when I'm trying to access a webpage.
  Been told by dslextreme's customer support that the connection type is DCHP, not PPPoE per their own support page help that only covers the older Base Station.
  Any words of advice would be greatly appreciated!
  cheers

  I don't have the answer, but I am experiencing the EXACT same problem (just different service provider). I had a cable modem, worked without a hitch. Switched to DSL because the service is better where I live, and I can't get the AirPort router to actually give me internet. Help!

• Cisco ASA 5510 Site to Site VPN with Sonicwall

  I am trying to setup a VPN tunnel between a Cisco ASA 5510 (Version 8.2(2)) and Sonicwall TZ200. I got tunnel up and going and I am able to ping the Cisco ASA internal IP from the Sonicwall LAN but nothing else works. When I try to ping a host behind the Cisco ASA from the Sonicwall LAN I get the following message "Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.20.10.x/xxxx dst inside:10.20.2.x/xxxx denied due to NAT reverse path failures" on the ASA
  Googling the above error shows issues with version 8.3 and later which looked like the nat commands were changed but the ASA I am working on is still on 8.2 and the other common issue is not adding a NAT exemption. I have double-triple checked that I did add a NAT exception rule from the hosts on the cisco network to the hosts on the Sonicwall network. Seems like I have hit a road block so any help would be appreciated. Thanks
  Here are some excertps from the config file (10.20.2.0 behind the cisco and 10.20.10.0 behind the sonicwall)
  nat (inside) 0 access-list nonat
  access-list nonat extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
  access-list outside_1_cryptomap extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer x.x.x.x
  crypto map outside_map 1 set transform-set ESP-3DES-SHA
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 5
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 28800
  group-policy SiteToSitePolicy internal
  group-policy SiteToSitePolicy attributes
  vpn-idle-timeout none
  vpn-tunnel-protocol IPSec
  split-tunnel-network-list none
  tunnel-group x.x.x.x type ipsec-l2l
  tunnel-group x.x.x.x general-attributes
  default-group-policy SiteToSitePolicy
  tunnel-group x.x.x.x ipsec-attributes
  pre-shared-key *****
  Added few excerpts from config file

  Yes inspect icmp is enabled in global_policy
  The ping requests time out (The only ping that works is when I ping from the remote side to the ASA internal IP address, no other pings from either side work)
  #show crypto isakmp sa
  1   IKE Peer: x.x.x.x
      Type    : L2L             Role    : responder
      Rekey   : no              State   : MM_ACTIVE
  #show crypto ipsec sa
  interface: outside
      Crypto map tag: outside_map, seq num: 1, local addr: x.x.x.x
        access-list outside_2_cryptomap extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
        local ident (addr/mask/prot/port): (10.20.2.0/255.255.255.0/0/0)
        remote ident (addr/mask/prot/port): (10.20.10.0/255.255.255.0/0/0)
        current_peer: y.y.y.y
        #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
        #pkts decaps: 39543, #pkts decrypt: 39543, #pkts verify: 39543
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
        #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
        #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
        #send errors: 0, #recv errors: 0
        local crypto endpt.: x.x.x.x, remote crypto endpt.: y.y.y.y
        path mtu 1500, ipsec overhead 58, media mtu 1500
        current outbound spi: 0ED0F897
        current inbound spi : 596CCE6F
      inbound esp sas:
        spi: 0x596CCE6F (1500302959)
           transform: esp-3des esp-sha-hmac no compression
           in use settings ={L2L, Tunnel, PFS Group 2, }
           slot: 0, conn_id: 50327552, crypto-map: outside_map
           sa timing: remaining key lifetime (sec): 7440
           IV size: 8 bytes
           replay detection support: Y
           Anti replay bitmap:
            0xFFFFFFFF 0xFFFFFFFF
      outbound esp sas:
        spi: 0x0ED0F897 (248576151)
           transform: esp-3des esp-sha-hmac no compression
           in use settings ={L2L, Tunnel, PFS Group 2, }
           slot: 0, conn_id: 50327552, crypto-map: outside_map
           sa timing: remaining key lifetime (sec): 7440
           IV size: 8 bytes
           replay detection support: Y
           Anti replay bitmap:
            0x00000000 0x00000001

• Westell ProLine 6100 DSL modem with generic wireless router

  I am planning to purchase the Starter Verizon high speed internet plan.  It comes with a free Westell ProLine 6100/6110 DSL modem.  The combined modem and wireless router is $55.  I have a wireless router (Linksys and Cisco).  Can I use the Linksys or Cisco wireless router with the Westell ProLine DSL modem, or will I have compatibility problems?  Thanks.

  To use that modem with a router, I point to:
  URL: http://www.dslreports.com/faq/13600
  Location: All DSLR (dslreports.com) FAQs » Verizon Online DSL FAQ » Hardware » How do I use a router with the Westell 6100?
  ^^
  Otherwise, you will...
  #1 NOT be able to go anywhere online because of Double NAT.
  #2 Or if you can go some where online then..
  ..For example: If you want to allow users from the net to connect to your computer, you can't just portforward in your generic wireless router. You must also portforward in the Westell 6100. (Called Double NAT Forwarding)
  Points to: portforward.com -> Other Guides -> Port Forwarding Behind Two Routers?
  ^^
  I will leave this up to you on what you want to do. Good luck.
  If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

• Safest settings to connect airport extreme A1354 to DSL modem

  I want to connect my DSL modem  (Motorolla 3347) to my Airport extreme (A1354) which will be used as a base for connecting multiple wireless devices.
  I would preferr not to bridge the airport. What are the safest settings to select on the airport for wifi security and most function using airplay?
  Thanks.

  I would preferr not to bridge the airport.
  In that case, you would need to check to see if the Motorola modem/router can possibly be configured to act as a simple bridge mode modem. If it can, then the AirPort can be configured to act as the main router for the network handling DHCP and NAT services.
  Next check with your ISP to make sure that they will support you for this type of configuration.
  IF....the modem can be configured to operate as a simple bridge...and IF....your ISP will support this type of setup, then the AirPort Extreme needs be configured to Connect Using = PPPoE.
  The safest settings for Wi-Fi are WPA2 Personal, also known as WPA2-PSK-AES with a long password comprised of random letters and numbers.
  AirPlay does not care what type of connection that you have as long as the signal is strong enough.

• Networking problem with E4200 + DSL modem with Talktalk UK

  Hi,
  I've spent the last couple of days trying to sort this out, including a phone call to the Linksys tech support (useless) and a chat with a friend, who is an expert programmer and network engineer, all to no avail. This is my last try before sending the router back as 'fautly'...
  I bought the E4200 to build a hi-speed reliable home networking. My ISP is Talktalk (UK) and I have a DSL broadband (spec at the bottom). As modem I'm using a d-link ADSL2+ DSL-320B . This is a wired modem with 1 ethernet port. The router is connected to the modem only ethernet port. And this is what is happening:
  1. The modem connects to internet with zero problem. If the computer is connected to the modem I've got 15Mbit download speed stable!
  2. The router connects to internet when linked to the modem (I can see the public IP address + DNS on the router status page)
  3. The computer is connecting to the router (LAN connection, wired on port 1)
  4. The computer DOES NOT connect to the internet. No ping, no webpage load, nothing...
  This are the things I've already tried with no success:
  1. Tried more than one computer (PC+mac)
  2. Tried different modem (used my current gateway as modem)
  3. Disabled all antivirus/firewall/protections on the PC
  4. Set a different IP address of the router (default: 192.168.1.1 - I tried also 192.168.1.2 ; 192.168.2.1) keeping the modem IP on 192.168.1.1) - subnet mask 255.255.255.0
  5. Set a different IP of the modem keeping the router IP address set to 192.168.1.1 (same IPs tried as above)
  6. Set the modem lan IP to static 192.168.1.2
  7. Clone the PC MAC address
  Needless to say that the Cisco Connect software failed to solve the issue.
  Talktalk UK has the following connection parameters:
  Encapsulation: PPPoA (PPP over ATM)
  MTU: 1432
  Multiplex VC Method
  Internet IP Address: Dynamic
  VPI: 0
  DNS: automatic
  VCI: 38
  Authentication methods: CHAP
  All these setting + connection UserID and pass are set in the modem so no need to set them in the router.
  My friend said that the ISP can be limiting the number of IP address released and therefore the address is used by the router and the PC connected to the router cannot connect to internet... I have no idea what this mean and I have not found this information on either this or the ISP website...
  Anyone has any idea/suggestion/comment?
  Thanks,
  L

  Well in this case you can try to ping the global DNS i.e.. 4.2.2.2, if it gets the positive replies then try to ping the yahoo.com . If even that gets the positive replies then provide that DNS on the router setup page.
  If the DNS does not give the positive replies that means the ip address that you are getting on the status page of the router is not valid...
  Connect your computer directly with the Modem.......Click on start... Go to run … Type CMD ...Enter ….You will see a black window that is command prompt, type ipaddress/all and check the physical address that you are getting on there.. Then connect the computer with the router again.. And check the Physical address that you are getting on the status page of the router... If both the physical address are same and you are getting an ipaddress as well then you should be online... And if the physical address is not same then click on setup and go to Mac address clone tab and enter the physical address manually..

• The connection between a Westell 6100 DSL modem and my new Apple Extreme is not stable.

  My new airport extreme and a Westell 6100 DSL modem are connecting, but the wifi is now slow and unstable.  How do I configure the modem and Airport Extreme so that they function together better?

  The resason that the password shows long key length after clicking save settings is just for security purpose so that password can not be rechecked .....so you don't have to worry about the lenght of your DSL password ....it is correct even after saving the settings.....
  Now as you said that Modem is already  under bridge ..... & you are trying to use PPPOE settings on router .... in that case you should get Internet Ip address under status tab of router after clicking connect .....as you are getting the error message "cannot get an Ip from PPPOE server"  ..... i assume that Modem is not configured under 100% Bridge Mode.....
  Check once again with your Internet service provider if the modem is in Bridge mode or not....

• How do I connect an Airport Extreme to my ISP with a static IP address?

  I have 5 static IP addresses from my ISP. The cable modem has five ethernet jacks. I run an ethernet cable from separate jacks on th cable modem to the devices listed next. I have one static IP address assigned to a Linksys wireless router for a MS network. Another is used by my VoIP router. I want to use a third static IP address for my Airport Extreme and set up a new network for a server running Leopard Server, iMacs, latptops. When I enter a static IP address in the Airport Extreme, I can't connect to the internet. Can anybody help?

  When you configured your Airport Extreme with one of the five static (and public) IP addresses available to you - did you remember to also configure the Airport Extreme with your ISP's router (or "gateway") IP address as well as the IP address(es) of your ISP's domain name servers?

• Given wireless range of Time Capsule is 150', will this work? Put DSL modem on phone line in garage, connect ethernet to small office bldg (125') and connect separate ethernet to main house (200'). Time capsule on each end (or Airport Express)? Thx

  Given Time Capsule wireless range is 150', will this solution work? In detached garage, connect DSL modem to phone line, then connect ethernet cable to DSL modem and run 125' to small office bldg. Connect separate ethernet cable to DSL modem and run 200' to main house. Put time capsule or Airport Express in each bldg resulting in separate wireless networks in each? Thanks.

  This will work very well. You can run a CAT5e (or CAT6) Ethernet cable up to 330 feet...or 100 meters...with virtually no signal loss.
  CAT6 costs a bit more, but will handle next generation Ethernet speeds, so if you have a choice, suggest that you opt for CAT6 cabling.

• I cannot connect to the net through my TC with pppoe

  I used to connect to the internet using my TC as a router, connecting via PPPoE using a DSL modem.
  While my ISP had a problem with their network, the TC stop connecting to the PPPoE host and the amber light kept blinking. Because this was taking too long, I decided to investigate this issue.
  I tried connecting my laptop directly to the modem, the restored my original configuration.
  My MacBook Pro connected via ethernet to the DSL modem, is able to connect to the internet using a PPPoE connection. When I try the same via the TC, it just doesn't connect!
  What should I do to troubleshoot this?
  Is it possible that it is related to my ISP? Even though the laptop manages to connect via PPPoE.
  Even the DSL modem when switched to router functionality is able to connect via PPPoE.
  Only the TC seems to fail. What could be the problem?

  Even the DSL modem when switched to router functionality is able to connect via PPPoE.
  If your modem is acting as a router, you could configure the Time Capsule in Bridge Mode to connect that way. Is that a possibility that you could consider? A potential downside here is that if you have a dual band Time Capsule, the Guest Network feature cannot be enabled when the device is configured in Bridge Mode.

• Should DHCP be turned off on DSL Modem?

  I have an AEBS (5th gen) and an  Airport Express in a roaming configuration (connected by ethernet cabling) as directed by Apple's article HT4260.   An Actiontec GT701-WG is my DSL modem with the wireless turned off.  I assumed DHCP should've been turned on on the Actiontec because this function was being performed by the AEBS.  However, after a day the AEBS wouldn't connect to the internet so I turned DHCP "on" on the Actiontec and AEBS now connects.  My fear is this will cause problems down the road (two devices performing DHCP).
  Thanks for the help.  I'm not tech savy and would like to finish the setup properly.
  Jeff

  In a roaming network, you would want the router directly connected to the Internet to have both NAT & DHCP enabled ... even if you want its wireless disabled. All other routers downstream of this router should be in bridge mode (NAT & DHCP disabled). If you haven't seen it already, you may want to use this Apple Support article as a reference.

• DSL modem disconnect​s nightly at 8:25 pm

  I have a Westell 7500 wireless DSL router and 3Mbps service through Verizon DSL.  There is my desktop, Vonage VOIP adapter, Directv DVR, Verizonwireless Network Extender, HP Photosmart all in one printer, Dell laptop (connects wirelessly) all connected to the DSL router.  Every night like clock work, my internet connection goes down at 8:25pm.  I can set my watch by it.  It does not matter whether I am using my internet connection or not.
  The green DSL light will go out completely along with the green internet light.  The DSL light will flash green and the turn solid green and the internet light will turn on red and remain that way until I reboot the modem.  Then the connection comes back up.
  Is there a setting on the modem page that I can adjust to fix this issue?
  When I went on vacation, I turned the desktop and printer off.  The laptop went on vacation with me so it was not connected.  All that was on the DSL router was the Vonage VOIP adapter and the Verizonwireless Network Extender.  The connection was up when we came home.  I was not able to deteremine whether the connection went down while we were away, but usually when it goes down and does not get power cycled, the network extender goes down and will not come back up regardless of the internet status.  When we came back, both the DSL moden and network extender were connected.
  Also, does anyone know if it is possible to connect a second Westell 7500 DSL Modem to another phone jack in the house so that we do not have all this equipment on the same modem?  Would that make a difference?  I would disable the wireless on this modem so as to not cause any interference.

  The modem settings should be fine if you are connected and working fine otherwise. One thing you may want to look for and check is a setting for what mode ADSL uses. This should be set to MMODE or automatic so the modem can use the best mode supported with Verizon's equipment. Away from that, see if you can supply the DSL statistics from your modem. They should give us an idea of your package and line condition.
  ========
  The first to bring me 1Gbps Fiber for $30/m wins!

• Cisco asa 5510 Patch OpenSSL to 0.9.8j or later

  Our PCI scan found the following bug "Patch OpenSSL to 0.9.8j or later"
  We have an ASA 5510 running 8.2(2) with the following ssl: ssl encryption rc4-sha1 aes128-sha1 aes256-sha1
  Reviewing the 8.2x OpenSSL notes in the releases documentation it specifices it is using 0.9.8 but not which version.
  Can someone recommend which version to upgrade to?

  Cisco is still evaluating this and hasn't released fixed code yet:
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
  -- Jim Leinweber, WI State Lab of Hygiene

• Faxing through the dsl modem and not a internal modem

  I use to fax things with the internal modem a few years back. Anyway to do this through the dsl modem now? I don't see a graphic for the modem to click on but the old internal modem icon is still on screen.
  Thanks
  Tony B.

  Unless you have converted to digital VoIP type of phone line, there is no reason that you can't fax on the same phone line as you have your DSL on. You just can't use the DSL modem as the fax modem.
  Some DSL modems have a "line" and "tel" jack -- plug the "line" jack to the wall and plug the "tel" jack to your fax. Got a phone plugged into the "tel" jack? Put a "Y" splitter on the fax and telephone and plug the splitter into the "tel" jack.
  Some DSL modems only have one single RJ-11 jack. But they provide DSL splitter filters -- one non-line side is filtered for fax and phone, the other is unfiltered for DSL. Run the filtered side to your fax or separate Radio Shack Y-splitter to your fax and phone.
  Some DSL modems with the single RJ-11 jack don't provide the "Y" splitter filtered/unfiltered thingy, and instead only provide single in-line DSL filters (one RJ-11 input and one RJ-11 output). Buy a Radio Shack "Y" splitter, run one output to the DSL, run the other output to the in-line DSL filter and on to the fax or second Y splitter then on to the fax and phone.
  You just can't use the DSL modem as a fax modem; you still need to use the built-in fax modem of your computer, or Apple external USB modem or equivalent if you don't have an internal fax modem, in order to fax.

• Ipod touch question DSL Modem ?

  sorry for many question but i need to no if i connect Wireless Router to the
  DSL Modem can the ipod touch wifi works

  Ok thank that is good