We have an 1841 Router with a Lease Line coming through on it. We have been advised to use a Firewall between the 1841 and our LAN, so we are using a 515e which we have in the office.
The scenario up until now has been with regards to our 515e, that on the Internal port, we have our entire IP range i.e. abc.def.ghi.0/24 (not a private IP range) and on the External port, we have a single public IP address of a different range.
Now we have a new public IP range, i.e. jkl.mno.pqr.0/24 (coming from the Lease Line through the 1841) but don't have a single public IP address for the External port.
Can we use an IP address from the jkl.mno.pqr.0/24 and single it out for the External port? Will this work? If not, then what is the workaround or solution for this, please?
Unfortunately, we don't have access to the 1841, but we do to the PIX.
We really appreciate any help on this and a million thanks in advance.
If you really need an inside ACL, create a new ACL and apply it to the inside interface. I also don't understand that it is an implicit rule. I thought deny at the end of an ACL statement was the implicit rule.
In any case, just create a new one (with a new name :-) and apply it to the inside Interface. You can always clean up the config later.
Sorry. Not sure, but have you tried removing that line from your configuration? Do you really need an inside ACL? If you really need an inside ACL, create a new one and apply it to the inside interface. I think that will be the best shortcut to take.