I have an ASA 5510 and everything is just fine for now.
I'm able to setup Internet to DMZ access using outside interface address. But now I want to move the services from outside IP address to another IP address (the next one in the pool my ISP gave me).
Is it possible ?
I've tried setting a NAT rule for the new IP address and the access list entry corresponding, but this does not work.
I suppose this is not working because the new IP address does not respond to ARP requests from my ISP router. Am I right?
Any help would be welcome.
Just to go further in the discussion:
Now that I have ARP proxy on the oustide interface, this prevents me from having another device "next to" the firewall on the same subnet(as opposed to "behind").True?
No, not true. The firewall will only respond to IPs it has been configured for. If you configured the whole subnet, in terms of static translations then yes you would have problems if you then allocated one of the IPs to a device next to the firewall.
However if you have 3 IPs eg. 126.96.36.199/11/12 and you had static statements on your firewall for 188.8.131.52 & 11 you could stil allocate 184.108.40.206 to the other device because the firewall will not respond to arp requests for that address.