access to wireless behind firewall
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
access to wireless behind firewall
I have installed a WRT150N Linksys router/wireless device on the outgoing side of the ASA 5500 and can connect to the internet through it. I need to encrypt the connection but the standard 192.168.1.1 gets me into the Verizon modem/router.
I have made a wired connection to the device and changed it to 192.168.1.2 so that I can access it but any and all addresses (192.168.1.1 and 1.2), even the first available IP address the firewall should be assigning it (10.217.12.226) has the same result.
UPDATE: For whatever reason, I can connect to it wired using a LAN port and set it up but I can't get back into it wirelessly using the 192.168.1.2 IP address. My concern is when I need to change the encryption, I will have to do the same thing again, connect to it wired.
I tried using all of the IP addresses that are reserved after the firewall address (10.217.12.226-231) with the same result.
Any ideas?
I have made a wired connection to the device and changed it to 192.168.1.2 so that I can access it but any and all addresses (192.168.1.1 and 1.2), even the first available IP address the firewall should be assigning it (10.217.12.226) has the same result.
UPDATE: For whatever reason, I can connect to it wired using a LAN port and set it up but I can't get back into it wirelessly using the 192.168.1.2 IP address. My concern is when I need to change the encryption, I will have to do the same thing again, connect to it wired.
I tried using all of the IP addresses that are reserved after the firewall address (10.217.12.226-231) with the same result.
Any ideas?
-
- Community Administrator
- Posts: 34418
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
First, if the Verizon modem/router is also a wireless access point, you need to disable the wireless part.
Second, I'm unclear as to what you mean by connecting to the "outgoing" side of the church firewall. By policy, all Internet traffic goes though the firewall. There should be nothing between the church firewall and the Verizon modem.
Once we've made sure those two things are right, we can move on.
Second, I'm unclear as to what you mean by connecting to the "outgoing" side of the church firewall. By policy, all Internet traffic goes though the firewall. There should be nothing between the church firewall and the Verizon modem.
Once we've made sure those two things are right, we can move on.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
- Mikerowaved
- Community Moderators
- Posts: 4734
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Can you please define "outgoing side"? Is this the WAN side where the modem is, or the LAN side where the computers and such are connected?jworth wrote:I have installed a WRT150N Linksys router/wireless device on the outgoing side of the ASA 5500...
So we can better help you, please edit your Profile to include your general location.
-
- Community Moderators
- Posts: 9858
- Joined: Mon Mar 17, 2008 12:30 am
- Location: USA, TX
The WRT150N should be connected to the Cisco ASA 5505 with a cable running from a LAN port on the ASA and then to a LAN port on the WRT150N. Do not connect to the WRT150N using its WAN or Internet port. The DHCP server of the WRT150N should be disabled. A good IP address to assign the WRT150N is one of the five IP addresses immediately following the IP address of the ASA, which is written on a sticker pn the outside of the device. (Alternatively if there is a computer connected to the ASA you can use ipconfig from the command prompt to find out the ASA's IP address.) These IP addresses are not used by the ASA's DHCP server and therefore can be assigned to devices such as WAPs for their static IP address.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
RussellHltn wrote:First, if the Verizon modem/router is also a wireless access point, you need to disable the wireless part.
Second, I'm unclear as to what you mean by connecting to the "outgoing" side of the church firewall. By policy, all Internet traffic goes though the firewall. There should be nothing between the church firewall and the Verizon modem.
Once we've made sure those two things are right, we can move on.
The wireless router in the Verizon modem was disabled.
I meant the LAN connection on the wireless device and not the Internet connection.
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
jdlessley wrote:The WRT150N should be connected to the Cisco ASA 5505 with a cable running from a LAN port on the ASA and then to a LAN port on the WRT150N. Do not connect to the WRT150N using its WAN or Internet port. The DHCP server of the WRT150N should be disabled. A good IP address to assign the WRT150N is one of the five IP addresses immediately following the IP address of the ASA, which is written on a sticker pn the outside of the device. (Alternatively if there is a computer connected to the ASA you can use ipconfig from the command prompt to find out the ASA's IP address.) These IP addresses are not used by the ASA's DHCP server and therefore can be assigned to devices such as WAPs for their static IP address.
Yes, that is how I connected the firewall, from the LAN port on the ASA to a LAN port on the WRT150N. DCHP is disabled and the IP address of 10.217.12.226 is assigned to it with the firewall IP address being 12.217.12.225
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
The issue is to change the encryption on the wireless device, I should be able to connect to it using the assigned IP address of 192.168.1.2 so as not to conflict with the Verizon modem/router but it gives me an invalid IP address doing that way.
If I connect with a cable to one of the ports on the WRT150N, I can get into it.
The websites that can be reached from it are being filtered by the firewall but there is no encryption on it.
Is there something that I am missing?
If I connect with a cable to one of the ports on the WRT150N, I can get into it.
The websites that can be reached from it are being filtered by the firewall but there is no encryption on it.
Is there something that I am missing?
-
- Community Administrator
- Posts: 34418
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
That's not going to work. The Firewall is also a router. You need to assign a IP address that's within your subnet. 192.168.x.x is outside of the subnet.jworth wrote:The issue is to change the encryption on the wireless device, I should be able to connect to it using the assigned IP address of 192.168.1.2 so as not to conflict with the Verizon modem/router but it gives me an invalid IP address doing that way.
What's is being assigned 10.217.12.226?
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 48
- Joined: Thu Sep 11, 2008 8:34 pm
- Location: Washington, IL
RussellHltn wrote:That's not going to work. The Firewall is also a router. You need to assign a IP address that's within your subnet. 192.168.x.x is outside of the subnet.
What's is being assigned 10.217.12.226?
I assigned the wireless device the 10.217.12.226 address. The desktop machine in the clerks' office has the address of 10.217.12.231. In previous threads, I was told that needed to be a static address within five higher IP addresses with DHCP turned off so the firewall assigns the addresses.
So, the assigned IP address should be the address used to access the wireless device?