1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help with bridging my gateway modem and cisco firewall

Discussion in 'Networking' started by mypolardog, May 6, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    Hi, I am in desperate need of help for my network. I have 4 computers hardwired in to the walls in the office, and a Dell server. These 4 computers are connected to a switch (D-link, has about 16 ports), and the D-link connects to my Firewall, Cisco ASA 5505. The Cisco in turn connects to the AT & T gateway 2 wire modem.

    After a power outage, I had to reset the modem, and put the modem in bridge mode for all this to work, but after I made what I thought was the necessary adjustments, my internet is still not working.

    When I plug one computer through separate ethernet cable directly into the modem, I can get internet (IP address is that of the modem) . After I change the setting of the modem to bridge mode, the internet goes off. If I plug the D-link directly to the modem, the internet doesn't work, the IP address becomes that of the server.

    What am I doing wrong? Any help would be greatly appreciated!

    Thanks in advance.
     
  2. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    When you change the modem to bridge mode, you have to configure a PPPoE connection and supply the account name/password. If this was previously configured that way, the ASA 5505 should have that configured for it's WAN connection. Have you checked that?
     
  3. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    Thanks so much for replying. On the gateway 2 wire modem, once I log in to the modem, under broadband connection, I know I have to: 1.) change the ATM PVC search to "disable", change the address to "direct IP address" instead of PPoE (which does not require a name/ password) and submit the changes. I also know that under advanced configure services, I need to "uncheck" the enable routing box. I didn't change anything else on the modem.

    When I do this, though, the computer that I am working on, which is currently plugged directly into the modem and communicating with the modem, now changes to communicating with the cisco ASA, and then I lose the internet. I know this because under network connection> status link> details, I can see the IPv4 address, and the DNS server address, etc., and it's that of Cisco ASA. When I try to open the a browser and put the IPv4 address of the Cisco to try to see the configuration, it says that the page can't be displayed.

    Now in hind sight, should I have supplied the password for the cicso ASA after I change the address from PPoE to direct IP even thought it says not required? Also, under the section where it says get dynamic IP by default, should I have supplied some kind of address there? There's a section to put IPv4 address, subnet mask, and default gateway. I tried supplying that information for the cisco, but that didn't solve my problem.

    Under domain name server address, it asks for primary DNS and secondary DNS, should I have supplied the address of my server?

    I checked out all the other computers in the network, there are all still connected to the local server, but it's the local server that can't log into the internet.

    You mentioned configuring the ASA 5505 for the WAN connection, how do I configure it if I can't log into it? I think what you suggested makes a lot of sense, since instead of logging into to the internet through the modem, now it needs to be done through the ASA/ server. I can access that address, 10.10.77.1, from one of the computer connected to the server (not the one directly plugged into the modem for now) , but the ADSM setup screen wants me to download the setup wizard, but it the instructions says to be able to download, I need internet, which I don't have.

    I am all out of ideas, please help!

    Thanks very much, Catherine
     
  4. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    By the way, I just got to thinking, if when all this was working, the ASA had a username (which is my att account, [email protected], and a certain password set up, and if through all this resetting and configuring I am trying to do, my username is the same, but that password was reset, will that affect this whole setup because the ASA had the old password stored and I can't log into it to change it? Is that my problem?

    Thank you, Catherine
     
  5. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    Has this ASA ever worked? Who configured this ASA? Are you adding this ASA as a new firewall into your environment?
     
  6. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    Hi, thanks for responding. Yes, this worked before, but everytime there's a power outage, the modem seems to forget the configuration. The IT person who set it up before told me not to reset the modem by pressing the reset button on the back, just recycle the power when there's a power outage. I did that, and it didn't work, and I couldn't pull up the modem management page to look at the configuration, so I did what I wasn't supposed to do.

    Any insight you can give would be greatly appreciated!

    thanks!
     
  7. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    I'd either get a modem that doesn't lose it's marbles for every power failure or get a UPS that will power it through any power failures. :)
     
  8. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    There's a lot of things going on here and I'm not sure what's what as the OP isn't being totally clear on what she has done.

    I seem to pick up that she did a rest to factory defaults on the modem and tried to convert the modem into bridge mode operation. If this is correct, the OP should be on the phone with AT&T on what the proper parameters are to have the modem function properly in this mode. The various PVC settings are critical for proper operation and their tech support should have no problems walking the OP through the setup.

    As far as the ASA is concerned, the OP needs to becareful on what she does with this firewall. There is no dedicated and marked WAN port. The firewall has what is basically a layer 2 managed switch merged with it. So depending on what port is configured to participate in the VLAN designated for WAN access, the cable for the modem needs to be plugged into this port. It's probably the first port or port 0. This also applies to the DLink switch where it also needs to be plugged into the correct port of the 8 on the back to have proper network connectivity.

    The ASA does not have a web GUI in the same sense as a Linksys or Netgear router. To administer the ASA, you either run the ASDM client software, run a browser utilizing the Java applet, or via console with either telnet or SSH. Technically, there's another option which is to directly terminal into the firewall via the console port. The above administration methods (except console access) has to be configured and turned on. So if the person who configured this ASA did not enable any of those administration methods, you'll have to console into the firewall to configure and troubleshoot.

    Based on what I'm seeing here to infer the level of networking knowledge, I would strongly recommend the OP to get the person/company that initially configured the ASA to come back and troubleshoot the problem.
     
  9. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    I suspect that getting someone that knows all the gear involved would be a good first step. :)
     
  10. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    Yes, I agree this is quite complex since no one seems to be able to understand this network, even the IT techs that I have employed. So the next thing quick fix is to buy wireless adapter for each computer.......

     
  11. mypolardog

    mypolardog Thread Starter

    Joined:
    May 6, 2010
    Messages:
    6
    Yes, i should have bought a battery back up a long time ago, I guess I never thought I wouldn't be able to get a hold of the IT person
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/921497

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice