FIOS and CISCO PIX
harddrive747
Enthusiast - Level 3

I'm looking to upgrade a DSL circuit to FIOS at a business.  I may have asked this question before, but it has been a long time.

Currently the setup is this:

DSL ---> MODEM ------> PIX Firewall.  The modem is in bridge mode because the IP address beginning at 71 is on the device.

It works terrifically.

Now can FIOS be plugged directly into the PIX Firewall Internet port, so I wouldn't need a Verizon router?

Second, if I do need a Verizon router, then how can I make it a pass-through to one port and then take the other 3 ports and wireless and set them into a VLAN that will get its address from the PIX?

So it would look something like this.

FIOS ----> FIOS Router -----> PIX Internet Bridge (Say Ethernet port 1)

PIX -----> Ethernet -------> FIOS Router   So that we get the internal 10.net address on the 3 ports (Ethernet Ports 2,3,4) and wireless.

Thanks for letting me know.  I know about turning off DHCP and other stuff.

Terry

Re: FIOS and CISCO PIX
prisaz
Legend

You do not need the Verizon router as the primary router, but the default install is MOCA coax to the WAN port. Have the tech turn on the Ethernet port at the ONT, and install the Verizon router with the Ethernet WAN port to make sure it works. From what I have heard, most techs want to use coax and do not want to use Ethernet. Perhaps they don't all have RJ-45 crimpers or know the pinouts. If you have a good Ethernet cable pre-run from where the ONT will be located, that will help you fight the battle. If any troubleshooting is required, they will want to have their router as primary. But after the tech leaves, you can switch your router as primary.

Your setup

PIX --> Ethernet --> FIOS Router   So that we get the internal 10.net address on the 3 ports (Ethernet Ports 2,3,4) and wireless.

My Setup

ONT Ethernet - WAN - IPCOP Linux-based router LAN - 16 port switch - Verizon router's LAN - Wireless and MOCA.

I use no WAN port on the Verizon router. My IPCOP Linux router issues all IP addresses, firewalls, filters, and logs everything. Even runs transparent proxy for the Web, so all web traffic is logged. All on a cheap AMD single-core chip, 512meg RAM, 80gig HD.

PIX should work fine. But my public IP used to be in a class A subnet 74 range, but has since been taken to a class B. It was a little better before. If you have a business class FIOS and pay for fixed IP, your service should be better. TOS restricts servers on a residential service, and blocks some incoming ports. All mail needs to forward through Verizon's mail server. I am not sure what DSL has been doing, but these SPAM wars have been a pain.
