Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
799
Views
0
Helpful
2
Replies

PIX 515E & Interface Routing

Go to solution
JohnF1974
Level 1
Level 1

‎03-19-2010 08:56 AM - edited ‎03-11-2019 10:23 AM

Hey guys. I have some questions and I hope they're not horribly stupid. My company recently aquired (3) PIX 515E's. I've configured a PIX 501 but on a smaller network with no remote offices. On the 501, I converted the inside clients to a 172.16.0.* range and the external IP was our gateway. That worked fine.

Now, I work on a network with one main office, 2 remote offices, and 3 subnets. I'm having trouble trying to even get the thought processing started here. Let me give you some basics.

Main Office 1 - 10.46.167.*

DHCP Server 10.46.167.1-255

Router 10.46.167.1 (I have no control over this router)

Remote Office 1 - 10.46.166.*

DHCP Server 10.46.166.1-255

Router 10.46.166.1 (I also have no control over this router)

Remote Office 2 - 10.46.161.*

Few systems, No DHCP (all static IP's)

Router 10.46.161.1 (same thing. I have no control over this router)

I didn't initially setup this network. So unfortunatelly the routing wasn't configured by me, nor do I administer the main routers. One of my questions is this. Is it possible to set the 515E up without having to convert all internal IP's? All I really want to do is place the firewalls between our switches and the main routers. Reason being is that I have no control over the routers. I'm just afraid that it won't be possible without setting up all new DHCP scopes internally because the P515E won't let me use the same subnet on both the inside/outside interfaces (which is the default).

Am I making this more complicated than it should be?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎03-19-2010 01:00 PM

Your thinking is correct. You will need to create a new network between the 'inside' of the router and the 'outside' of the PIX or create new 'inside' networks. You do have the option of making the firewalls "transparent". Check the link below

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎03-19-2010 01:00 PM

Your thinking is correct. You will need to create a new network between the 'inside' of the router and the 'outside' of the PIX or create new 'inside' networks. You do have the option of making the firewalls "transparent". Check the link below

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

0 Helpful

Go to solution
JohnF1974
Level 1
Level 1
In response to Collin Clark

‎03-19-2010 01:59 PM

Brilliant! I owe you Collin. That's EXACTLY what I needed. A way to place these firewalls into an existing network without changing the entire internal IP ranges. Thanks many times over.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card