Right now if I need to forward a port to a certain PC on my lan, I have to forward it on 2 routers. First I have to forwared the port on my Cisco 678 DSL Modem to my Linksys Wireless Router, then I have to forward said port to the PC of choice on the Linksys.
Is there anyway to just forward *all* ports to my Linksys? And then let my linksys be the "firewall". Is that a bad choice? Or even better is there away to eliminate the private subnet that my Cisco creates? (that my linksys is the only device on) Maybe setup the Cisco 678 as a "bridge" instead of a router? Will disableing NAT on the Cisco accomplish this?
"Travis" <some...@microsoft.com> wrote: > Is there anyway to just forward *all* ports to my Linksys? And then let > my linksys be the "firewall". Is that a bad choice? Or even better is > there away to eliminate the private subnet that my Cisco creates? (that > my linksys is the only device on) Maybe setup the Cisco 678 as a > "bridge" instead of a router? Will disableing NAT on the Cisco > accomplish this?
If your Linksys can do PPPoE, there is a possibility that you can use an unsupported configuration that you should never tell Qwest that you are using. Assuming you're an Xmission customer through Qwest.
In many cases, you can reconfigure the 678 for bridging and fire up a PPPoE client, and it'll Just Work.
Qwest may break it if they hear about you doing it, so, um, don't tell 'em. They want you to have to use PPPoA on the dsl modem, but a security patch they had to install on their equipment about a year ago inadvertently made it possible to use this non-standard configuration.
From their perspective this is a 'problem' that they can 'fix' if they decide to. The impression i got from browsing dslreports a while back was that they had turned it off in some neighborhoods in colorado.
It does however solve all the annoying issues i ever had with CBOS. I have a spare 678 configured for PPPoA in case i have to call Qwest to fix a DSL issue.
> If your Linksys can do PPPoE, there is a possibility that you can use an > unsupported configuration that you should never tell Qwest that you are > using. Assuming you're an Xmission customer through Qwest.
> In many cases, you can reconfigure the 678 for bridging and fire up a > PPPoE client, and it'll Just Work.
Nice! Thanx for the tip. Works like a charm so far and saves me a "hop".
"Travis" <some...@microsoft.com> wrote: > > If your Linksys can do PPPoE, there is a possibility that you can use > > an > > unsupported configuration that you should never tell Qwest that you are > > using. Assuming you're an Xmission customer through Qwest.
> > In many cases, you can reconfigure the 678 for bridging and fire up a > > PPPoE client, and it'll Just Work.
> Nice! Thanx for the tip. Works like a charm so far and saves me a "hop".
Plus the 678 is no longer selectively mangling the payloads of some of your packets, too. (Cisco says this is a 'feature' that you are not allowed to 'fix')
> Plus the 678 is no longer selectively mangling the payloads of some of > your packets, too. (Cisco says this is a 'feature' that you are not allowed > to 'fix')
> It's a great way to run.
Curious, do you have any more details on this packet mangling? I've never noticed it myself, but never really looked for it, either. Perhaps I trust my equipment too much? ;-)
Anthony Chavez <a...@anthonychavez.org> wrote: > Curious, do you have any more details on this packet mangling? I've > never noticed it myself, but never really looked for it, either. > Perhaps I trust my equipment too much? ;-)
I don't remember if there are other problems, but the one that sticks out is the way that CBOS changes the TTL on DNS packets so that nothing ever expires.
This can be a major, earth-shattering problem if you were running a public dns server for your domain behind a Cisco 67x router, and then wanted to change one of your records. Much of the internet would cache your old records until the cache was purged - usually manually, by restarting the daemon.
This caused some real problems for people, but cisco insists it's a feature. It's even touted as a unique cisco feature in some documentation - they don't only do it on the 600 series. It only occurs if you use "network-address port translation" - which is far more useful and way more cumbersome to say than 'NAT', which is why people almost always use 'NAT' to describe a router that also remaps port assignments so as to compress address space.
True NAT is just 1:1 address mapping with no port remapping, and recent versions of CBOS don't do it. iirc the really old versions would do a port-for-port forward to a single IP if you wanted it to.
PPPoE is fully supported, and is just as simple as he described. Bridge the Cisco and use the PPPoE client in your Linksys to login with your XMission username and password. Your IP will then be assigned to the WAN port of the Linksys instead of the WAN port of the Cisco. Piece of cake, and a good way to avoid a dual-NAT setup like you have now.
Qwest.net *does* support PPPoE in some areas (although I've been told that they deprioritize PPPoE traffic on their network). But with XMission as your ISP, it makes no difference to Qwest what protocol you are using to connect to us over your DSL line. And if they complain at some point, tell them I say its none of their damn business.
Travis wrote: > Right now if I need to forward a port to a certain PC on my lan, I have to > forward it on 2 routers. First I have to forwared the port on my Cisco 678 > DSL Modem to my Linksys Wireless Router, then I have to forward said port > to the PC of choice on the Linksys.
> Is there anyway to just forward *all* ports to my Linksys? And then let my > linksys be the "firewall". Is that a bad choice? Or even better is there > away to eliminate the private subnet that my Cisco creates? (that my linksys > is the only device on) Maybe setup the Cisco 678 as a "bridge" instead of a > router? Will disableing NAT on the Cisco accomplish this?
>PPPoE is fully supported, and is just as simple as he described. Bridge >the Cisco and use the PPPoE client in your Linksys to login with your >XMission username and password. Your IP will then be assigned to the >WAN port of the Linksys instead of the WAN port of the Cisco. Piece of >cake, and a good way to avoid a dual-NAT setup like you have now.
>Qwest.net *does* support PPPoE in some areas (although I've been told >that they deprioritize PPPoE traffic on their network). But with >XMission as your ISP, it makes no difference to Qwest what protocol you >are using to connect to us over your DSL line. And if they complain at >some point, tell them I say its none of their damn business.
>warren woodward >XMission DSL/UTOPIA Services
Does this work only if you have a modem plugged into a router/switch?
I just tried my Zoom X3's PPPoE None, PPPoE LLC, & PPPoE VC-Mux from Albuquerque. In each case, modem reboot got to ADSL connected & stalled. I went back to PPPoA & it connected ok.
[& yes, I waited long enough; well, longer than I had to wait for PPPoA to connect.]
Also, any word on shortening ping times? I'm still getting 110ms. No problem for me, but I was wondering...
Cheers, Bob
--- bg...@xmission.com --- -- <> Robert Geer & Donna Tomky | |||| We sure |||| <> <> bg...@xmission.com | == == find it == == <> <> dto...@xmission.com | == == enchanting == == <> <> Albuquerque, NM USA | |||| here! |||| <>
> Does this work only if you have a modem plugged into a router/switch?
> I just tried my Zoom X3's PPPoE None, PPPoE LLC, & PPPoE VC-Mux from > Albuquerque. In each case, modem reboot got to ADSL connected & > stalled. I went back to PPPoA & it connected ok.
> [& yes, I waited long enough; well, longer than I had to wait for > PPPoA to connect.]
> Also, any word on shortening ping times? I'm still getting 110ms. No > problem for me, but I was wondering...
