Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Multiple static IPs and PIX cause ARP trouble with ISP's CMTS

Status
Not open for further replies.
mbarrett03

mbarrett03

MIS
Aug 11, 2004
11
US
I am, admittedly, not an expert in the Cisco PIX or NATTing by any stretch of the imagination. However, I have programmed my PIX to work correctly on Cox's network which I was successful at, and it worked great. Now, I've changed my ISP to Charter Communicatation and things are not working well at all. My config is pretty simple. I have three static IP's from Charter which I use to host three websites on behind the PIX. So lets call my 3 IP's from Charter 100.000.000.1, 100.000.000.2 and 100.000.000.3. I assigned the .1 IP address to be the WAN IP of the PIX. From that IP, I use PAT to translate it to one of my three internal address, 192.168.1.5, and allow to pass through. I also use static(inside,outside) nat rules to translate the other two real world IP's to my two other internal IP's. 100.000.000.2 -> 192.168.1.6 and 100.000.000.3 -> 192.168.1.7. I also have access rules to allow to pass through on those IP's as well. What is happening since I moved to Charter is that almost every night between 6 and 8 PM I lose internet connectivity. It's important that I mention that the three internal IP addresses (.5,.6,.7) are all on one server (hence one MAC address). I spoke with a tech last night and he told me that the CMTS is getting it's ARP table updated for the WAN IP and that is causing the whole production to come to a screeching halt. Since I think I have a pretty standand setup for allowing multiple IP's to pass through a firewall, I asked the tech how other customers with more than one IP are able to keep working. He had no answer. Am I missing some major underlying concept behind Natting here?? This is a normal, basic setup?? How would one use three IP addresses with a Natting devise such as the PIX without screwing up the CMTS's ARP table? Why would it work with Cox and not Charter? The only suggestion the tech had was for me to NAT everything going out from the PIX to one of the static IP's from them....this clearly has a flaw though since I can't apply the global PAT rule to the static IP's .2 and .3 as it would conflict with the static(inside,outside) rules. Please help me!
 
Sort by date Sort by votes
I would say if they problem is pretty regular between 6 and 8 PM then it is a different issue. Are you able to send pings out from another machine? What is the Pix log saying? Does the interface go down? Do a trace route from an inside host to google or some other known external IP. Where does the route end? I dont believe it is a ARP issue. Regardless of what statics you have ARP shouldnt be messing it up.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
662
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
622
intel233
intel233
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
508
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
443
Nitta84
Nitta84
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
144
ISDPCMAN
ISDPCMAN

Part and Inventory Search

Sponsor

Back
Top