Multiple sites' ASAs connected to cable modems with same DHCP address

I have several locations with an ASA 5505 installed behind a cable modem. The cable modem is issuing DHCP for the same network address range in these locations. I have the outside interface obtaining DHCP from the cable modem network and the ASAs are receiving the same outside address. I have the remotes set to use EZVPN to create the VPN tunnel back to the head end ASA 5540. I am seeing constant rekeying for phase 2 for those remote sites. Is there anything I can do short of assigning each ASA a unique outside address?

Dave

The Linksys doing NAT is the reason why the ASA sees all the traffic as having source address as 192.168.2.1. The only way for the ASA to see the original 192.168.1.x address is to change the Linksys to not do NAT.
One thing that I notice is that there is not a route statement in what you posted for the 192.168.1.0 network. It is not clear whether the route does exist and you did not post it or whether the route does not exist. But if it does not exist it would certainly be a reason why you lose Internet connectivity when you change the Linksys to not perform NAT. (the ASA would have no knowledge of how to forward to the network and would drop all the traffic). Try adding the route to the ASA and changing the Linksys to not perform NAT and let us know if it works.
HTH
Rick

Similar Messages

  • How to share internet connection from cable modem through built-in airport on imac?

    I have a cable modem with ethernet going into imac. How can I share the internet connection using the iMacs built in airport with other computers that have airport cards?
    I would love to put an ethernet router between the imac and the modem and share the internet connection using the iMacs built in airport with other computers that have airport cards as well.
    Thanks!

    The setup I had working is what I have connected to the internet now. A cable modem with one ethernet jack that plugs into the iMac. The airport from the iMac broadcast to my G5 with an airport card in it and received the internet connection. The PC received it the same way from the iMac but to a Netgear wireless adapter.
    I messed things up recently adding a wired 4 port ethernet router between the iMac and the modem, so that the modem ethernet plugged into the router, and from the router, plugged into the iMac which then could receive the internet but no more airport connections to my other machines. Haven't been able to get it working since.

  • Connecting to cable modem via ethernet hub

    My old airport just died and I just began reviewing the capabilities of the airport express. Would it be possible to access a cable modem if I hardwire it into my ethernet network and plug another CAT 5 cable into the airport - giving me wireless access to the rest of the computers and printers on my network.

    You cannot directly connect your cable modem to a spare port on your existing ethernet network. Not only will this not allow you to share your internet connection, but it will also significantly complicate file and printer sharing AND it will remove the all-important firewall protection that should be in place between your LAN and the internet.
    Therefore, if you want to share a cable modem connection with both wireless and non-wireless computers on a LAN, the Airport Express is not the right product for you. You need to buy either an Airport Extreme Base Station, or a non-Apple wireless router (all of which are designed to also allow a connection to a cabled ethernet LAN).

  • AE Lost Internet Connection through Cable Modem

    I suddenly lost all internet connectivity. Here's the setup and issues:
    -- Two computers, a Mini and a PowerBook, both lost connection to Internet
    -- Motorola cable modem (using Comcast)
    -- Airport Express is connected to modem via ethernet
    -- I can connect directly to the cable modem with the computer via ethernet and I can get internet service; also, Comcast assured me I still have service
    -- The two computers can connect to each other via airport; file sharing, iTunes streaming, etc., works as usual
    -- I've done all the usual "unplug everything and restart" routines
    -- Nothing was changed recently that I can think of - it just lost connection to the Internet.
    Any ideas?
    PowerBook G4 17 1.67GHz 1.5Gb   Mac OS X (10.4.6)  

    I fixed it, but I don't know if it will solve the problem Ada had. I got a note from Comcast recently saying I needed to have my IP settings to be dynamic, by using DHCP. I had already made that change so didn't suspect that was the problem. However, after looking closely, I found some things to change.
    If you're using Comcast, or a similar service, then this may fix it:
    I first went out and washed my car, then came back in. I think that's an important step. I have a large car, so if yours is small, you may need to wash it twice, or wash it then wax it. Then go back inside and . . .
    In Airport Admin Utility, select your base station, then Configure.
    Switch to the Internet tab.
    Make sure it's set to Configure using DHCP
    Make sure DNS Servers, Domain Name, and DHCP Client ID are left blank (this is the step I hadn't done before).
    Click Update and close the program and wait for your base station to reset.
    This should fix it.

  • WRT54GS slamming Cable modem with Packets

    I'm having trouble with my WRT54GS locking up my Cable Modem. TWC says it's slamming the cable modem with too many packets. Is there any way to check this on my end? Full story below.
    A little about my set up. I have Time Warner Cable business class Roadrunner service. 5 Static IPs. 4 being used at the moment. The Cable modem has a 4 port switch built in. Port 1 has a month or so old WRT54GS router v7 latest firmware (Gateway mode, Channel 6). Port 2 goes to my Sonicwall Barracuda then my internal network which also has WRT54GS router v7 latest firmware (Router mode, Channel 1). Both routers are sitting next to each other. Ports 3 & 4 have a Vonage Router hooked to each of them.
    I started having trouble April 5 with the Internet being down that morning, then that night and the following morning. I power cycled the Cable modem to restore service. Called Time Warner Cable after the third reset. They told me that they didn't see anything wrong from their end and I should call them when it is down. I did this and they said they would send someone out the next morning Friday. They came out on Friday morning and checked the cable which the tech said was fine so he replaced the Cable modem around 11:30. Fifteen minutes after he left the internet went down. I called TWC again. They did diagnostics on the cable modem from their end and saw that whatever was hooked up to port 1 was sending out 400 packets/sec. I think they said the cable modem could only handle 300. Port 1 is connected to a WRT54GS v7 (latest firmware). We are using it for our Blackberries from Cincinnati Bell for WIFI and UMA service (like T-Mobile's @Home service) for VoWiFi. I turned off all the phones but the router was still slamming the modem with packets. I turned off the WiFi just in case someone hacked our WPA2 key. Still slamming the router with packets with only my laptop hardwired to it for setting up the router. I turned off the router and the modem wasn't getting hammered anymore. Port 2 which is my internal network was only up to 150 after opening a lot of TV shows. Ports 3 & 4 nothing. I disconnected the WRT54GS hooked to Port 1.
    15 minutes after I got off the phone with TWC internet goes down. They send out a tech on Saturday to check the line again. He sees a slight problem on the line but it should not be causing a problem which the first guy might have thought. But since I am having trouble he goes outside and checks the connections. He finds a loose connection and a bad line cap (blocking cable TV). He fixes the connections and replaces the line cap. He comes back inside and rechecks the line. Everything is great, no more fluctuation of signal or packet loss. I hook the WRT54GS back but it still takes down the modem. So I figure that it's just bad. So I take the WRT54GS from my internal network and set it up to match the one for the Blackberries it's replacing. I install a WAP54G on the internal network in its place. I can't get my Blackberry to get a UMA connection and doing Google searches found this page
    http://www.blackberryfaq.com/wiki/index.php/Linksys_Router_Tips
    I set up my router and Access Point with the settings from the above except the channel setting, leaving them on channel 6 & 1 so they don't interfere with each other. Set: Fragment Threshold : 2304 (256-2346), RTS Threshold : 2304 (0-2347) and Beacon Interval : 50 (20-1024 ms). I also enabled WMM QOS. My phone connects and internet seems to be staying up Saturday evening. I come to work Sunday afternoon and Internet is still up. I check my phone, I have UMA signal and everything is right with the world. 20 minutes later internet goes down. I unplug the WRT54GS and power cycle the cable modem. I am now waiting to see if the internet will stay up without any WRT54GS hooked up.
    I have not had a problem before and both Linksys are not even 6 months old. I have read reviews where people have had trouble with the WRT54GS, where some people have no trouble while others have all kinds of trouble.

    As you said cable connected to the pc is working fine!!...connect modem to the router WRT54GS...reset the router once (30 secs) in such a way that Power light on the router is blinking...power cycle complete network i.e., unplug modem & router power cable for 30 secs...plug in modem power cable once lights are solid green plug in the power cable to the router...its important that after upgrading firmware resetting the router is important...so try this & it should definitely work. Do the wireless & advanced wireless settings as router is currently in default settings.
    Also, you want to connect your access point WAP54G to the router & open the setup page of WAP54G using 192.168.1.245 do the wireless settings & try connecting to the wireless router & then check....should work.

  • * Share One Cable Modem with 2 Airport Networks ??? *

    I'd like to have my one Motorola cable modem shared with an Airport Extreme G base station and an Airport N base station on 2 separate Airport networks (G and N). Is this possible?
    If not, if anybody has any ideas for a workaround, that would be great.
    - thanks in advance.
    Ted.

    Yes.
    Just connect the cable modem to the WAN port of the first AirPort Extreme base station (AEBS).
    Then connect the WAN port of the 2nd AEBS to the LAN port of the first AEBS.
    Configure the 2nd AEBS so that it is acting as a bridge (not distributing IP addresses).
    You can find reference to this setup in threads describing a "dual-band" network. Also Apple's documentation describes this setup.

  • Time Capsule 4 gen. with iMac OS X Lion   3 Windows PC (XP OS, Vista OS, Seven OS) cable modem with TC as Wi-Fi. Time Machine on iMac found TC for backup easily. Have Wi-Fi access on PC XP with Airport utility but cannot create TC.

    Installed today Time Capsule 4 gen. with iMac OS X Lion. I also have 3 Windows PCs (XP OS, Vista OS, Seven OS). Internet access is cable modem with TC as Wi-Fi. Time Machine on iMac found TC for backup easily. Have Wi-Fi access on PC XP with Airport utility but cannot create TC. Is the Airport utility under Windows the way to access backup capabilities with TC?

    The TC is really just an external networked hard disk plus router.. you can access the hard disk and place files on it from any computer. You can backup any computer to the TC but it will have to use a backup software in windows.. there are literally thousands available. The built in msbackup is horrible.. but you can download lots of different software and buy them online for not a lot. Macrium Reflect has a free disk image backup, and when you pay for it includes incremental. I think disk images are well worth it, as they recover much better.. and there is a proper method of recovery using a boot cd.
    BTW the TC space is not endless. And it is designed to hold a large number of incremental backups.. so anything you do in backing up several machines will make the number of backups limited. Remember you can also use a usb hard disk plugged in as a Network accessible disk. But it has to be formatted HFS+ or Fat32.. the latter being highly undesirable.

  • I have a cable modem with wifi, do I have to disable it to use ap extreme?

    I have a cable modem with wifi, do I have to disable it to use ap extreme?

    Thanks!  I use a Roku in my bedroom to watch baseball, Netflix etc., but in my family I have an Apple TV which cannot load either of the two.
    I have not bought the AirPort Extreme yet, but will cable my cable company first.
    Any other recommendations?
    Thanks,
    PJohnny

  • Connecting ASA 5510s to a DSL modem with a static IP range

    I have DSL service with AT&T and I have a Motorola 3360 modem.  We also have a /28 network of static IPs from AT&T.  When I login using PPPoE on the modem it gets x.x.x.190 as its address.  Our range is 177-190.  I have two ASA 5510s in an active/passive failover configuration with the Ethernet port of the modem and one interface of each of the ASAs on a dumb layer 2 switch.
    I want to setup this DSL connection as a backup to our main Internet connection.  I cannot figure out what setting on the DSL modem to use to make this happen.  I know I cannot use PPPoE in a failover setting so I can't have the modem in bridged mode.  There is some mode where it passes the 190 address to the connected device and when I plug in a PC directly to the modem and set it for DHCP it does get 190 as its address.  So do I configure the ASA interface as 190 with one of the other addresses as its standby?  What do I set my route on the ASA to for use of this connection?  Can I then make use of these other static addresses when plugging other devices into the layer 2 switch?

    Thanks for your prompt response.  From your information, your network near the firewalls looks like this:
    Your cable modem connects to your provider without any intervention from your equipment, and you are free to assign IP addresses from your assigned block.  The cable ISP knows to route traffic to your block down to the layer 2 segment attached to the cable modem.
    As you described, the Motorola 3360 DSL modem is an odd fish.  I do not have personal experience with that device,  but from internet searches that appears to be a model AT&T bundles with small business DSL service.  The 3360 appears to have three modes:
    --router mode where it uses a single public IP on the WAN side and issues IP addresses in the 192.168.1.x range on the LAN side.  The modem performs the PPPoE function in this mode.
    --hybrid mode where it gets a single public IP on the WAN side and then passes that through to one device connected on the LAN side.  The modem performs the PPPoE function in this mode.
    --bridge mode.  A device on the LAN side must perform the PPPoE function.
    Various links I found indicate folks with static IP address assignments from their ISP (usually AT&T) have difficulty getting those static IP addresses to work with the Motorola 3360 except in bridge mode.
    To your original question, I'm guessing you match the configuration you performed on the cable modem side and use two of your static IPs for the ASAs.  However, it's unclear if the additional IP addresses will work with the 3360's odd behavior.  If you have internet-exposed hosts (as shown in my simple drawing), try assigning some of the DSL static IPs to those hosts and test communications both ways -- host-->internet, internet-->host.  If possible, test two hosts at the same time to verify the 3360 can handle multiple public IPs at the same time (one posting I found claimed it could only handle one public IP address at a time).

  • EA6500 can't connect to cable modem (surfboard 5120)

    Hi all -
    I've been having a problem trying to connect my new EA6500 to my cable modem (motorola surfboard 5120; charter internet service). When I use my old router (WRT320N), I have internet connectivity and no issues. I am not using bridge mode with my ISP, just automatic DHCP config. I try to access my surfboard's config page (192.168.100.1) while on my new router and get nothing, even though the lights are on and flashing on both the router and modem. No matter what I have tried, I cannot get an IP from my modem.
    I have manually updated to the latest firmware (1.1.28.147876) and tried the following suggestions from the forums and internet:
    - disabled IPv6
    - cloned PC and old router MAC addresses (cloning is DISABLED on my old, working router)
    - multiple power cycles and resets on both pieces of equipment
    - changed my network to 192.168.100.x to see if I could hit my modem; when pinging surfboard's config page (192.168.100.1) I just got destination host unreachable.
    Is it possible that my modem is not compatible? I didn't think it would matter, but it's the only thing I can come up with. The settings on both routers are, as far as I can tell, the same. Any ideas?
    Thanks in advance!

    Do check if the router’s internet port has a light on when connected to your modem’s Ethernet port. It is possible that the router’s internet port is busted. Try to connect a known working Ethernet cable from one of the router’s port to its internet port and see if both ports are on. I do not really see this as a compatibility issue between the router and the modem but possible that it is a hardware problem with the router.  

  • How do I add an airport extreme to a cable modem with only one ethernet port, while keeping that port connected to my Mac?

    I have a mac pro connected by ethernet to a cable modem via ethernet.    There is only one ethernet port on the modem.   
    I want to keep the Mac connected via ethernet for speed.    Is there a way that I can add an airport extreme to this set up - for my ipad and roku, and for guests to use - or do I need to buy a router to put between the modem and the mac?
    If I need a router, what kind?
    Thanks.

    The modem connects to the WAN "O" port on an AirPort Extreme router.
    The Mac Pro connects to one of the three LAN <-> ports on the AirPort Extreme router.
    Or if you do not need the ability to connect a hard drive to the USB port on the router, you can save a bit by using an AirPort Express.
    The modem connects to the WAN "O" port, the Mac Pro connects to the LAN <-> port
    Either the AirPort Extreme router or AirPort Express router will allow up to 50 wireless device to connect.
    There are many other wireless modems offered by other manufacturers as well.

  • I have airport extreme 802.11AC as a base that connect to Cable modem. How can I connect D-link DIR-655 to AE to utilize as an extender or repeat?

    Hello-
    I have wireless router Airport Extreme 802.11AC that connect direct to Cable modem...how can I setup the D-Link DIR-655 wireless router to AE and act as extender or repeater?. Thanks in advance.

    Apple has done their best to install proprietary software in their wireless routers that is designed to only allow other Apple routers to repeat or extend the network wirelessly.
    So, the chances are extremely small that a D-Link....or any other router for that matter.....could be configured to do what you ask.
    There are no settings on an AirPort Extreme that would allow a D-Link device to extend the network, so all that you can do is experiment with different settings on the D-Link device to see if it might be possible for it to extend the network.
    A post on a D-Link support forum might be a good idea to see if any D-Link specialists have some ideas on this topic.
    Good luck.

  • My iMac G5 is not registering the connection of cable modem

    Something freaky happened to my computer one morning about a month ago and since then, I haven't been able to connect to the internet.
    My computer is set to start up at a certain time in the a.m. and connects to the internet automatically. Recently, it started up before I awoke and when I did wake up I noticed that my homepage for my web browser didn't load. I could tell moments later that there must have been a brief power outage to the home. I restarted my web browser and then the computer itself to no avail. I still could not connect to the internet.
    I don't know a lot about computers from a technical standpoint, but I know a little. I looked at the network configurations to see if anything stood out. The one thing I noticed was the ethernet settings read to connect the ethernet cable to the computer. Since the cable was actually connected. I figured I may have a big problem on my hands.
    The other issue I've noticed is the amount of time it takes to startup and shut down. It's not a very long time (maybe 5 minutes), but I think longer than normal or I remember prior to having internet issues.
    If anyone has any clue to what may be going on with my machine, I would definitely appreciate some insight. All suggestions are welcome.
    BTW, I called a so called "Mac Specialist" in the town I reside in and was told that my computer's logic board needed to be replaced and it could cost me as much as $600. I most certainly hope that's not the only solution.
    Thanks in advance!

    There is a possibility the machine may have sustained some
    damages due to a power surge, a brown-out or other variation
    in electricity supplied to the machine from the grid.
    An uninterruptible power supply with an automatic voltage
    regulation circuit built into it is helpful to isolate computers
    from the variations and unpredictability of some grid power.
    This is not a surge protector. Those are not recommended.
    You could try and see if repairing disk permissions in the
    system by using that option in Disk Utility. Perhaps to
    check and repair the hard disk drive, too, by using the
    booted OS X installer's version of Disk Utility, is wise.
    On the original OS installer packet disc #1 where the
    Installer and Apple Hardware Test are located, it may
    be wise, too, to run the Hardware Test to see if any
    issues are reported or trouble indicated.
    A reset of the power management unit or system management
    controller, etc (whichever your model has) could be
    helpful, even if it starts up and runs OK after an outage.
    {And a re-install of the complete operating system on a
    fully erased (wiped, overwritten with zeroes) reformatted
    hard disk drive may be a part of this troubleshooting; if
    you keep good records of what you do and how it was
    done, even a fair tech should be able to tell you more
    directly (if they are fair and honest) of the likelihood of
    the hard disk drive being the cause of your problems.
    -Doing this would destroy all of your stuff in the Mac.}
    There is a chance that the hard disk drive may have a
    few issues after a power incident, in some cases, a
    few bad blocks or sections of the drive may be bad if
    the machine's data was affected by an outage; these
    can be checked and sometimes successfully repaired
    by using a disk utility; some suggest use of DiskWarrior.
    Have you been able to test the cable modem itself;
    perhaps reset the modem and then reattach the
    computer to it; or see if it works with another computer?
    Sometimes, even booting the computer in SafeBoot mode
    and then login, then choose to run Disk Utility's repair disk
    permissions, and then restart the computer normally, helps.
    Have you tried a second user account to see if the issue
    of connectivity is isolated to the main or admin account?
    Usually, all accounts share the main connection settings.
    Sometimes, checking and re-affirming settings can help;
    at least as part of a troubleshooting path, to see what
    doesn't fix it, and hope to find something which does.
    If the issue does come down to a hardware repair of
    more than a reasonable percentage of a refurbished
    Mac direct from the Apple Store online, consider a
    different computer. Even the low-end Intel based iMac
    is leaps ahead of the G5 iMac. (I still have G4s!)
    PS: What are you using to get online?
    In any event...
    Good luck & happy computing!

  • Router connected to cable modem by Ethernet port cannot get IP address from DHCP.

    I have an ethernet cable on Fa0/0 connecting my 1841 router to my cable modem. The issue is that the router cannot obtain an IP address via DHCP when I have the "ACL-OUTSIDE-IN" ACL applied inbound on the Fa0/0 interface. I tried to allow all BOOTP and BOOTPS traffic in my ACL, but still no luck. I really don't want to run the router without a simple ACL firewall and connect it to the internet. When I take off the ACL off of Fa0/0, the router is able to get an IP address via DHCP.
    Router#sh run
    Building configuration...
    Current configuration : 10736 bytes
    ! Last configuration change at 18:14:42 MST Fri Nov 16 2012 by matt.chan
    version 12.4
    service nagle
    service timestamps debug datetime msec localtime show-timezone year
    service timestamps log datetime msec localtime show-timezone year
    service password-encryption
    hostname Router
    boot-start-marker
    boot system flash:c1841-advipservicesk9-mz.124-25f.bin
    boot-end-marker
    logging count
    logging userinfo
    logging buffered 1048576 informational
    enable secret 5 <removed>
    aaa new-model
    aaa authentication login AUTH-LOCAL local-case
    aaa session-id unique
    memory-size iomem 25
    clock timezone MST -7
    ip cef
    ip nbar pdlm flash:directconnect.pdlm
    ip nbar pdlm flash:citrix.pdlm
    ip nbar pdlm flash:bittorrent.pdlm
    ip nbar custom steam destination udp range 27000 27030
    ip nbar custom rdp destination tcp range 3389 3391 55402
    ip domain lookup source-interface FastEthernet0/0
    ip name-server 8.8.8.8
    ip inspect name fa0/0_inspect_ou icmp router-traffic timeout 10
    ip inspect name fa0/0_inspect_ou ftp timeout 300
    ip inspect name fa0/0_inspect_ou udp router-traffic timeout 120
    ip inspect name fa0/0_inspect_ou tcp router-traffic timeout 300
    login block-for 60 attempts 4 within 60
    login quiet-mode access-class ACL-ACCESS-QUIET
    password encryption aes
    crypto pki trustpoint TP-self-signed-1755372391
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1755372391
    revocation-check none
    rsakeypair TP-self-signed-1755372391
    crypto pki certificate chain TP-self-signed-1755372391
    certificate self-signed 01
      quit
    username <removed> secret 5 <removed>
    ip ssh maxstartups 10
    ip ssh time-out 60
    ip ssh authentication-retries 2
    ip ssh port 2226 rotary 1
    ip ssh version 2
    class-map match-all Zuri-YouTube-Class
    match access-group name NAT-Pool-Zuri-WLAN
    match protocol http host "*youtube.com*"
    policy-map PMAP-QOS-VTI-IN
      description QOS FOR TU0
    class class-default
      shape peak 1512000
    policy-map PMAP-QOS-VTI-OUT
      description QOS FOR TU0
    class class-default
      shape peak 512000
    crypto isakmp policy 1
    encr aes 256
    authentication pre-share
    group 5
    lifetime 43200
    crypto isakmp key 6 <removed> address <removed>
    crypto isakmp invalid-spi-recovery
    crypto isakmp keepalive 10 5 periodic
    crypto ipsec transform-set EDGE-TS ah-sha-hmac esp-aes 256
    crypto ipsec profile EDGE
    set security-association lifetime kilobytes 256000
    set transform-set EDGE-TS
    set pfs group5
    interface Loopback0
    no ip address
    interface Tunnel0
    description "VTI Link"
    bandwidth 4000
    ip address 172.20.0.2 255.255.255.0
    ip mtu 1400
    ip nbar protocol-discovery
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1360
    ip ospf authentication message-digest
    ip ospf message-digest-key 1 md5 7 12090011003E5A0C0F186E752220211B4A
    keepalive 10 5
    tunnel source FastEthernet0/0
    tunnel destination <removed>
    tunnel mode ipsec ipv4
    tunnel path-mtu-discovery
    tunnel protection ipsec profile EDGE
    service-policy output PMAP-QOS-VTI-OUT
    hold-queue 75 out
    interface FastEthernet0/0
    description "Link to ISP"
    bandwidth 4000
    ip address dhcp
    ip access-group ACL-OUTSIDE-IN in
    no ip proxy-arp
    ip nbar protocol-discovery
    ip nat outside
    ip inspect fa0/0_inspect_ou out
    ip virtual-reassembly
    ip ospf cost 1
    duplex auto
    speed auto
    no keepalive
    no cdp enable
    interface FastEthernet0/1
    description "Link to LAN"
    ip address 172.16.0.1 255.255.255.248
    ip access-group ACL-INSIDE-IN in
    no ip proxy-arp
    ip nbar protocol-discovery
    ip nat inside
    ip virtual-reassembly
    ip ospf cost 1
    ip ospf priority 255
    duplex auto
    speed auto
    no keepalive
    router ospf 1
    log-adjacency-changes
    redistribute static subnets
    passive-interface default
    no passive-interface Tunnel0
    network 172.20.0.0 0.0.0.3 area 0
    ip forward-protocol nd
    ip route 10.0.0.0 255.0.0.0 Null0 name "Class A Private"
    ip route 172.16.0.0 255.240.0.0 Null0 name "Class B Private"
    ip route 172.17.0.0 255.255.0.0 FastEthernet0/1 172.16.0.2 name "Home WLAN"
    ip route 172.19.73.31 255.255.255.255 Null0
    ip route 172.27.0.0 255.255.0.0 Tunnel0 172.20.0.1 name "IPsec GRE Tunnel"
    ip route 192.168.0.0 255.255.0.0 Null0 name "Class C Private"
    ip route 192.168.0.0 255.255.255.0 Tunnel0 172.20.0.1 name "VLAN 70"
    ip route 192.168.100.1 255.255.255.255 FastEthernet0/0 70.162.0.1 permanent name "CABLE MODEM MANAGEMENT"
    ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp 253
    ip dns server
    no ip http server
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat translation tcp-timeout 300
    ip nat translation udp-timeout 120
    ip nat translation max-entries 2048
    ip nat inside source list ACL-NAT-172.16.0.0/29 interface FastEthernet0/0 overload
    ip nat inside source list ACL-NAT-MANAGEMENT interface FastEthernet0/0 overload
    ip nat inside source static tcp 172.16.0.4 22 interface FastEthernet0/0 2227
    ip nat inside source static tcp 172.16.0.5 3389 interface FastEthernet0/0 3391
    ip nat inside source static tcp 172.16.0.3 3389 interface FastEthernet0/0 3390
    ip nat inside source static tcp 172.16.0.4 80 interface FastEthernet0/0 8084
    ip access-list standard ACL-ACCESS-QUIET
    permit 216.161.180.16
    permit 172.16.0.0 0.1.255.255
    permit 172.27.0.0 0.0.127.255
    permit 172.20.0.0 0.0.0.3
    ip access-list standard ACL-NAT-172.16.0.0/29
    permit 172.16.0.0 0.0.0.7
    ip access-list standard ACL-NAT-172.17.0.0/24
    permit 172.17.0.0 0.0.0.255
    ip access-list standard ACL-NAT-172.17.1.0/24
    permit 172.17.1.0 0.0.0.255
    ip access-list standard ACL-SNMP
    permit 172.16.0.4
    ip access-list extended ACL-CRY-MAP
    ip access-list extended ACL-INSIDE-IN
    deny   ip host 172.16.0.2 172.27.0.0 0.0.127.255
    deny   ip host 172.16.0.2 172.20.0.0 0.0.0.3
    permit ip 172.17.0.0 0.0.0.255 any
    permit ip 172.16.0.0 0.0.0.7 any
    permit ip 172.17.1.0 0.0.0.255 any
    ip access-list extended ACL-NAT-MANAGEMENT
    permit tcp host 172.27.10.11 eq 3389 host 72.166.77.196
    ip access-list extended ACL-OUTSIDE-IN
    deny   ip 10.0.0.0 0.255.255.255 any
    deny   ip 172.16.0.0 0.15.255.255 any
    deny   ip 192.168.0.0 0.0.255.255 any
    permit tcp any any range 3390 3391
    permit udp any any eq bootpc
    permit udp any any eq bootps
    permit tcp any any range 2226 2228
    permit tcp any any range 8081 8084
    permit icmp any any echo
    permit icmp any any net-unreachable
    permit icmp any any host-unreachable
    permit icmp any any port-unreachable
    permit icmp any any parameter-problem
    permit icmp any any packet-too-big
    permit icmp any any administratively-prohibited
    permit icmp any any source-quench
    permit icmp any any ttl-exceeded
    deny   icmp any any
    deny   ip any any
    ip access-list log-update threshold 10
    logging history informational
    logging trap debugging
    logging 172.17.228.17
    logging 172.17.228.10
    control-plane
    line con 0
    exec-timeout 15 0
    privilege level 15
    logging synchronous
    login authentication AUTH-LOCAL
    line aux 0
    login authentication AUTH-LOCAL
    line vty 0 4
    exec-timeout 60 0
    privilege level 15
    logging synchronous
    login authentication AUTH-LOCAL
    rotary 1
    transport input ssh
    scheduler allocate 20000 1000
    ntp clock-period 17178311
    ntp source FastEthernet0/0
    ntp server 148.167.132.201
    end

    Hi Matt,
    Try adding the line below:
    ip access-list extended ACL-OUTSIDE-IN
    permit udp any eq bootpc any eq bootps
    Regards
    Najaf
    Please rate when applicable or helpful !!!
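
Added example (not from the thread and not Cisco's code): a small first-match evaluator run over the `ACL-OUTSIDE-IN` entries posted above, showing which entry a DHCP server reply hits on the outside interface and where the line suggested in the reply ends up. The packet addresses are constructed, the function names are hypothetical, and only the `any`/`host`/wildcard and `eq`/`range` forms used in that ACL are parsed. `ACL + [SUGGESTED]` models the fact that a line entered in a named ACL without a sequence number is appended after the existing entries.

```python
from ipaddress import ip_address as ip

PORTS = {"bootps": 67, "bootpc": 68}
# TCP/UDP/IP entries of ACL-OUTSIDE-IN as posted (ICMP entries omitted: they never match UDP).
ACL = [
    "deny ip 10.0.0.0 0.255.255.255 any",
    "deny ip 172.16.0.0 0.15.255.255 any",
    "deny ip 192.168.0.0 0.0.255.255 any",
    "permit tcp any any range 3390 3391",
    "permit udp any any eq bootpc",
    "permit udp any any eq bootps",
    "permit tcp any any range 2226 2228",
    "permit tcp any any range 8081 8084",
    "deny ip any any",
]
SUGGESTED = "permit udp any eq bootpc any eq bootps"  # line proposed in the reply

def _addr(tok):  # 'any' | 'host A' | 'A WILDCARD' -> ((base, wildcard), remaining tokens)
    if tok[0] == "any":
        return (0, 0xFFFFFFFF), tok[1:]
    if tok[0] == "host":
        return (int(ip(tok[1])), 0), tok[2:]
    return (int(ip(tok[0])), int(ip(tok[1]))), tok[2:]

def _ports(tok):  # optional 'eq P' | 'range LO HI' -> ((lo, hi), remaining tokens)
    if tok[:1] == ["eq"]:
        p = int(PORTS.get(tok[1], tok[1]))
        return (p, p), tok[2:]
    if tok[:1] == ["range"]:
        return (int(tok[1]), int(tok[2])), tok[3:]
    return (0, 65535), tok

def first_match(acl, proto, src, sport, dst, dport):
    """Evaluate top-down like IOS; return (action, entry) for the first entry that matches."""
    for line in acl:
        action, p, *tok = line.split()
        s, tok = _addr(tok); sp, tok = _ports(tok)
        d, tok = _addr(tok); dp, tok = _ports(tok)
        hit = lambda a, n: (int(ip(a)) | n[1]) == (n[0] | n[1])  # wildcard-mask compare
        if (p in ("ip", proto) and hit(src, s) and hit(dst, d)
                and sp[0] <= sport <= sp[1] and dp[0] <= dport <= dp[1]):
            return action, line
    return "deny", "(implicit deny)"

# Constructed DHCP server replies (UDP 67 -> 68): one public source, one RFC 1918 source.
REPLY_PUBLIC = ("udp", "198.51.100.1", 67, "255.255.255.255", 68)
REPLY_PRIVATE = ("udp", "10.1.2.3", 67, "255.255.255.255", 68)
if __name__ == "__main__":
    for pkt in (REPLY_PUBLIC, REPLY_PRIVATE):
        print(pkt[1], "->", first_match(ACL + [SUGGESTED], *pkt))
```

With these constructed packets, the reply from a public source is permitted by `permit udp any any eq bootpc`, while the one sourced from 10.1.2.3 is dropped by the first RFC 1918 deny before any DHCP permit is reached. An entry placed after `deny ip any any` is never the first match; `show access-lists` hit counters on the router show which entry real traffic is matching.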

  • Please help me connect eMac, cable modem, and Airport Extreme Base Station

    I connected Ethernet cord from cable modem to Airport Extreme Base Station and then another Ethernet cord from Airport Extreme Base Station to eMac, but I could not get internet access on my eMac that way. I'm only getting internet access by directly connecting eMac to cable modem. Can someone please help me with a step by step explanation of how to set these 3 machines up so that I can have internet access on both my eMac and, wirelessly, on my new MacBook. Thank you very much in advance.
    eMac & MacBook   Mac OS X (10.3)  

    jenngee, Welcome to the discussion area!
    Ensure that you power off the cable modem for a minute or so when you switch it to another Ethernet device.
    Ensure that you are connecting the WAN port of the AirPort Extreme base station (AEBS) to the cable modem. The eMac should connect to the LAN port.
    The steps for setting this up can be found in the "Designing AirPort Networks" (direct PDF link) document. Look through that document and try to get it set up. Then return here if you have more questions. Don't forget to post what you tried and the issues you encountered.
