new public ip block using existing default gateway??

Scott Payne · ‎08-22-2007

We just recently ran out of public ip addresses. ATT issued us a new block which is on a different subnet. My question is how do I assign these new public ip addresses that point to the original subnets default gateway.

Here is an example of what i am talking about (I changed the ip's):

Internal Network: 64.150.200.128/27 this is the new block

Subnet Mask: 255.255.255.224

Destination: 64.150.199.132 This is the default gateway to the original block

Available range: 64.150.200.129-158

Bottom line is that I have to add more equipment with a new block that ATT is pointing to the original default gateway. We are using a PIX 515 with no router.

Hopefully I am making sense.

royalblues · ‎08-22-2007

well i am may not have understood what is exactly that you are looking for, but you can have this new block reside behind the PIX inside interface and ask your ISP to forward the traffic to these destination to your own WAN IP facing the ISP router.

Narayan

Richard Burts · ‎08-22-2007

Narayan

My understanding of the question is significantly different than your appears to be. I think the issue is how to get the addresses assigned for use inside the firewall and to get the devices using the addresses to forward to the correct gateway.

I agree with you that the ISP part of it is easy: just ask the ISP to route the new block to the existing PIX outside address (which the provider is probably ready to do).

If the question involved a router the solution would be easy: just configure a secondary address on the router inside interface. But on a PIX it is more complicated. I am thinking that the solution may be to have inside end stations continue to use the existing private address space, continue to use the PIX inside address as their default gateway, and to configure additional address translation with the new addresses.

HTH

Rick

HTH

Rick

Scott Payne · ‎08-22-2007

Thanks for the response, Rick. I do believe ATT has pointed the new block of ip's to the default gateway. You think NAT is the way to go to resolve this issue? Assign public ip's to our eqiuipment and nat that to the current DG? Do you know of any documentation that has an example of what I am trying to accomplish?

Jon Marshall · ‎08-22-2007

Hi

As with Narayan and Rick i'm not entirely clear what the issue is.

The default gateway 64.150.199.132 - what device is this on ?.

If you just want to use the new public IPs for internal servers the you can either

1) Do as Rick suggested and keep the internal servers on their private IP's and NAT to the new public IP's on the pix

OR

2) It sounds like you don't have any spare interfaces on your pix. You can with a 515 run 802.1q so you could run two separate vlans down the same link. This would give you a spare interface in effect.

HTH

Jon

Scott Payne · ‎08-22-2007

Hi Jon,

I apologize for being so unclear about my issues. I am a DWDM guy that was thrown into the ring of networking. The default gateway is on the PIX. I guess a router would make this hwole thing a lot easier. I will try everyone's suggestion and will let you know how it works tomorrow.

Thanks for your patience.

scott

Jon Marshall · ‎08-22-2007

Scott

No need to apologise. I know that sometimes when i explain things it sounds perfectly sensible to me but not to anybody else :)

Appreciate the rating and hope it goes okay. If you have any issues please don't hesitate to get back to us.

Jon