Hey guys. I have some questions and I hope they're not horribly stupid. My company recently acquired (3) PIX 515Es. I've configured a PIX 501 but on a smaller network with no remote offices. On the 501, I converted the inside clients to a 172.16.0.* range and the external IP was our gateway. That worked fine.
Now, I work on a network with one main office, 2 remote offices, and 3 subnets. I'm having trouble trying to even get the thought processing started here. Let me give you some basics.
Main Office 1 - 10.46.167.*
DHCP Server 10.46.167.1-255
Router 10.46.167.1 (I have no control over this router)
Remote Office 1 - 10.46.166.*
DHCP Server 10.46.166.1-255
Router 10.46.166.1 (I also have no control over this router)
Remote Office 2 - 10.46.161.*
Few systems, No DHCP (all static IP's)
Router 10.46.161.1 (same thing. I have no control over this router)
I didn't initially set up this network, so unfortunately the routing wasn't configured by me, nor do I administer the main routers. One of my questions is this: is it possible to set the 515E up without having to convert all internal IPs? All I really want to do is place the firewalls between our switches and the main routers. The reason is that I have no control over the routers. I'm just afraid that it won't be possible without setting up all new DHCP scopes internally because the P515E won't let me use the same subnet on both the inside/outside interfaces (which is the default).
Am I making this more complicated than it should be?
Your thinking is correct. You will need to create a new network between the 'inside' of the router and the 'outside' of the PIX, or create new 'inside' networks. You do have the option of making the firewalls "transparent". Check the link below.