PIX needs 2 range of public address

Unanswered Question
Aug 21st, 2009

Hello I need to now, i have a PIX 515e work fine but the enterprise needs more public IP address, then the questio is: pix Support secondary IP address?: It's possible a loopback interface?

Tranks u for your information

:)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Fri, 08/21/2009 - 11:44

The PIX/ASA does not support secondary ip addresses in interfaces nor looback, but if you are attempting of geting additional Ip block from your current ISP provider different from what you currently have you simply route the new block in your edge router or ISP router back to your PIX outside interface and create your nat pools or statics with new ip block in the pix .

Is this what you are trying to accomplish? if not please clarify.

Regards

Mie1am900 Fri, 08/21/2009 - 13:12

Hello tranks you for your response,

I only have the edge router ISP, I supposes that the new block is in this router. I created my nat static and permit the https port, but when i try to verify , the port is closed.

WILL IT BE SOMETHING WITH THE ISP?

JORGE RODRIGUEZ Fri, 08/21/2009 - 13:58

Have you confirmed with the ISP the new ip block is being routed towards PIX outside interface Ip address? beside doing that, you can always from outside do a trace route towards the New Nated IP address you have configured, the last hop should be your PIX oustide interface or you will probably see a loop at ISP router Ip if not being routed properly.

[edit]

also make sure the host you have for https is indeed listening to port 443.

regards

Actions

This Discussion