Still problems configuring pix 501

[pctech64]

I'm still stuck with my pix 501 configuration; I can browse the internet and access the internet from my Mac wireless connection with the Dlink DIR-655 router but the objective to access my cisco lab rack can't get it done yet, nor can I access the web page of the Dlink router to configure another Dlink wireless bridge in the living room; I'm very frustrated and have lost many hours googling on this and nada; I'm about to think the way I got it set up will never work right but my techie instint tells me I'm missing something; I need more help guys because this is the lab I got to configure to be able to access it from school to learn on hands configurations for my CCNA CCNP.
This is the basic set up I'm trying;
Cable modem >> Pix501 >> Dlink DIR-655 >> Desktop PC
V
V
Dlink Wireless Bridge
V
V
Mac Book pro

The wireless bridge connects other two ethernet Home Theather devices and also wireless connects Xbox360, BlueRay player and another Desktop with a Dlink wireless NIC

I'm posting my pix config to see if any one can help!!
Thanks All in advance, again!

PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
domain-name ciscopix.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
pager lines 24
logging buffered debugging
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 192.168.2.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.129 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
Cryptochecksum:ff2c1cf13a7501f74449852a8fb21190
: end

 

[pctech64]

I forgotto mention the cabling connection is crossover from modem to pix int0, straight for the rest of all 4 ports; port 1 to port 1 on Dlink router ( I tried connecting it to the internet port and that way I can access the Web interface at 192.168.0.1 but all other settings get mess up and no access; I tried crossover cable and the same results so I just use straight from port to port and from port 2 on Dlink to desktop PC ( Main PC at my office) the rest shoulb be wireless,which is one of the mayor head aches I got now since not "all" works.
The Dlink DHCP is disabled; HTTP port 8181 enable; SPI firewall disable; it is taking the ip from the pix from WAN and having its own 192.168.0.1 on the LAN side; if I change this ip to say 192.168.1.20 I still can not access its interface from my desktop!!
The subnet all is working on is 255.255.255.0
Notice I'm still like a newborn with subnetting; that said it might be an access list command to "permit" my comunications but I need to be walked through it by the hand.
I can't ping my 2 APC's Nics ip addresses (connected straight cable direct to the pix ports) these are 192.168.0.61 192.168.0.66 ( I may have to change them to 192.168.1.x but I need couch on this and confirmation)
Thats all I have for now
Please; help!

 

[engjohn]

Your pix is handing out DHCP 192.168.1.x/24 your switch and APCs are on 192.168.0.x/24

These are different networks and you will need to have a router between them or change your switch and APCs to the 192.168.1.x/24 network.

 

[pctech64]

I have no problems given an ip to the APC's because I can just get to them connecting its serial cable and change the ip; got to try that, but the router (Dlink DIR-655) interface is by default 192.168.0.1; it can be changed and I did before and I can't access it just the same; the wireless section seems to work, since it takes the ip's from the pix, which handles DHCP.
To configure this router I have to hook it straight from the modem and to the PC; as soon as I set the pix between the modem and router as you suggested, I can access Internet but can't do all I want to do just yet.
I know I'm close to get it to work; if I only can stumble into the right set up with details; after all this works then I need to set VPN access from the outside and as you can figure out i have no clue to where start; I'm thinking it will be with the pix settings access-list and all that jazz.
one thing is for sure; I'm learning and that is the most important for me.
Thanks all for the inputs

 

[pctech64]

no.. I don't think this router is designed to work with a external security appliance like the pix; currently I use it just like a switch getting Internet by port 1 from port 1 on the pix, but if i hook port 1 of pix to Internet port on router, THAT interface default ip is 192.168.0.1. From there, if the router doesn't have its own DHCP enable, nothing really works right; there is a way to "change" the default ip for the Internet interface but after done this several times I still got problems.
I wonder if it work best having the static pix inside ip 192.168.1.1 (no dhcp outside), assign that ip to the Internet interface to the Dlink and have dhcp enable on the router side, then maybe I can ping everyone in the network. But I guess the problems will be when I try VPN or telnet from outside!
I'm really stuck here and the solution might be in my face but I can't see it...any ideas??