Best Practice for changing Routable IP Space

Unanswered Question
Jun 13th, 2007
User Badges:

We are currently changing ISPs and therefore changing our /24 routable space and was looking for some insight on how others have accomplished this.


We currently have service with Carrier A and as part of a WAN converstion to Metro Ethernet we are moving our IP service to Carrier B. I've tried to convience the higher-ups to keep both and utilize BGP so we wouldn't have to go through a transition with no luck.


The need currently is to run both during a conversion period. I have concerns over routing as we start to move translations from one network to the other. Has anyone else gone through this process and offer any insight? Is it best to purchase another firewall bundle or just make the new service another interface on existing firewalls?


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 06/13/2007 - 23:11
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


As long as yur new ISP routes the new /24 to your firewall there is no reason why you cannot use the same firewall for both connections. And you can move across the translations on your firewall one at a time although you will not be able to tranlsate the same private address to 2 public ip addresses so you need to decide how easy it would be for you ie.


Inside server 192.168.5.1

Old public IP for inside server 217.10.10.1

New Public IP for inside server 231.12.12.1


If you need both translations at once then you might be better off looking for a separate firewall bundle but if you don't there is no reason why you can't use the same firewall.


HTH


Jon

anandramapathy Thu, 06/14/2007 - 02:11
User Badges:
  • Bronze, 100 points or more

What about DMZ ? DO you have any existing DMZ & are you going in for a DMZ solution ?


How many interfaces does you firewall have ? is it a PIX or an ASA ?


If you are going to run both ISPs at the same time, then you will have to think of routing for your Links.


The Cisco firewall support 1 single route

so you may have to do a Policy route on the Current internet router to distinguish new ISp & old ISP traffic

Actions

This Discussion