Wireless Router configured as WAP
-
- New Member
- Posts: 20
- Joined: Sun Apr 06, 2008 5:50 pm
- Location: Columbia, Tennessee,United states
Cisco pix 501 firewall
How do you setup a wap on a Cisco pix firewall profided by the church. There is no sticker on the top to help you on the address. I hear that they have quit making these. Thanks for any help you can give.
-
- Community Administrator
- Posts: 34504
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
If it's truly just a WAP, then plug it in.mojo_jojo wrote:How do you setup a wap on a Cisco pix firewall profided by the church.
If it's a Router and WAP such as what one generally finds in the stores for home use, then you need to follow the instructions given in the thread.
Go to any computer directly connected to the firewall. Open a DOS box and type "ipconfig"mojo_jojo wrote:There is no sticker on the top to help you on the address.
Look at the "Default Gateway". That is the IP address of the Cisco Router/Firewall. I think that's all you need to use the instructions upthread.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
The Church did install some wireless networks for buildings that use the Cisco Pix firewall. These typically used Cisco Aironet 1200 WAPs. If you have one of those, then the whole setup (firewall and WAPs) is supported by the GSD.mojo_jojo wrote:How do you setup a wap on a Cisco pix firewall profided by the church. There is no sticker on the top to help you on the address. I hear that they have quit making these. Thanks for any help you can give.
If you don't have a Church-managed wireless network, your stake president can choose to authorize and fund one to be managed by the stake technology specialist. If you go this route, it might be easiest to get your own router that you would place behind the firewall and then connect additional WAPs (or routers with DHCP disabled that can function as WAPs) to that router to create your own wireless network. Then your own router would be the DHCP server and the router and WAPs would be on your own subnet, and so you wouldn't have to be concerned with how the Pix is configured.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
- Biggles
- Senior Member
- Posts: 1609
- Joined: Tue May 27, 2008 5:14 am
- Location: Watford, England
We have a Pix 501 firewall, that is limited to 10 licences. On a temporary basis until we can obtain a new firewall, I'm proposing to connect a Tp-Link TL-WR543G wireless router, after the firewall, to connect our FHC and clerks computers onto a subnet seperate from the existing WAP's. I'm working on the assumption that the router will only take up one licence and that all the computers, on this network, will share that licence, leaving the rest available for other users.
Firstly is this viable? Secondly what should I set or disable in DHCP etc.?
I can find the IP addresses, following the excellent instructions, in the previous posts.
Before anyone suggests trying to get additional licences, I have already been down that route without success!
Thanks in advance for any advice
Firstly is this viable? Secondly what should I set or disable in DHCP etc.?
I can find the IP addresses, following the excellent instructions, in the previous posts.
Before anyone suggests trying to get additional licences, I have already been down that route without success!
Thanks in advance for any advice
-
- Community Administrator
- Posts: 34504
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
@Biggles,
I'd run with default settings on the router with the exception of using WPA security on the wireless (unless you turn the WAP off.)b
I'd run with default settings on the router with the exception of using WPA security on the wireless (unless you turn the WAP off.)b
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Member
- Posts: 189
- Joined: Mon May 07, 2007 6:07 pm
- Location: Live Oak, California, United States
-
- Community Administrator
- Posts: 34504
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
KenRichins wrote:FHC computer to us the church portal MUST have a church IP from the PIX they also need a church IP to run landesk in a FHC
First I've heard of that. I can see how LANDesk remote might not work.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Senior Member
- Posts: 501
- Joined: Thu Jan 03, 2008 7:52 pm
RussellHltn wrote:First I've heard of that. I can see how LANDesk remote might not work.
Also with the family history center, there might be a section on a website that needs to know about certain things to work properly, not sure.
Second, I hear what you are saying, but for me, I don't like the idea of setting up a second router with a different IP address, unless you don't do NATTING. I don't like the idea of doing double natting, because that, in my book, can cause a lot of issues. Now if you can get it set up so that you don't do Natting then I have no problem with it.
To me double Natting adds a complexity to the network that doesn't need to be there and makes troubleshooting at some point down the road more difficult. In the network world simpler is better. But to do things without Natting, means that you will need to set up a routing protocol and that would need to be worked with the global service desk.
Hope this help
-
- Community Administrator
- Posts: 34504
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
harddrive wrote:Second, I hear what you are saying, but for me, I don't like the idea of setting up a second router with a different IP address, unless you don't do NATTING. I don't like the idea of doing double natting, because that, in my book, can cause a lot of issues. Now if you can get it set up so that you don't do Natting then I have no problem with it.
Well, the current problem is the firewall won't allow more then 10 users to reach the Internet. Without natting behind the firewall, I don't see how you can reduce the number of users it sees. Yes, there may be downsides, but at the moment that 10 user limit is the biggest problem. I say try it. The worst that can happen is something doesn't work.
It sticks in my mind that in the early days of setting up systems they used wireless routers for WAPs. I don't recall any stories of problems.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Senior Member
- Posts: 501
- Joined: Thu Jan 03, 2008 7:52 pm
RussellHltn wrote:Well, the current problem is the firewall won't allow more then 10 users to reach the Internet. Without natting behind the firewall, I don't see how you can reduce the number of users it sees. Yes, there may be downsides, but at the moment that 10 user limit is the biggest problem. I say try it. The worst that can happen is something doesn't work.
It sticks in my mind that in the early days of setting up systems they used wireless routers for WAPs. I don't recall any stories of problems.
That is interesting because I thought that the firewalls came with a 50 user license. I have all my units and these include family history centers on one pix and it works fine. I know that they have more than 10 computers on them.