I have a PIX-515 firewall at my CoLocation datacenter to secure my network. At my main datacenter I have a Sonicwall 4100. My company supports multiple clients in the building and uses the Sonicwall to keep their networks separate. Also, it too has an Internet connection. Clients, when browsing web pages etc., will use this connection and servers use the PIX. This way I can keep traffic separate and better use my bandwidth. Both datacenters are connected by a private 100Mbs fiber connection and I can ping the CoLo PIX from a client computer so I know my routes are ok.
My problem is that a client has a web server that they want on the Internet, but it must stay on their local segment, i.e. I cannot place it on the same VLAN as my other servers. Since it is mandatory that all servers go out the CoLo PIX, I run into issues. I can easily give them a public IP address on the PIX, but once the traffic hits the webserver and tries to go back out to the Internet, the Sonicwall's default gateway kicks in and the packets are never returned to the PIX. Is there a way on the PIX that I can make a rule to sort of trick the Sonicwall that the traffic is coming from my inside interface instead of the outside? This way my Sonicwall would see traffic coming from 10.20.50.1. When the traffic comes back from the webserver, the Sonicwall knows that it is not a public IP and can route the packet back to the PIX. The Sonicwall internal routing works properly as I can get to every subnet without issues on my network.