Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515E & Interface Routing

Hey guys. I have some questions and I hope they're not horribly stupid. My company recently aquired (3) PIX 515E's. I've configured a PIX 501 but on a smaller network with no remote offices. On the 501, I converted the inside clients to a 172.16.0.* range and the external IP was our gateway. That worked fine.

Now, I work on a network with one main office, 2 remote offices, and 3 subnets. I'm having trouble trying to even get the thought processing started here. Let me give you some basics.

Main Office 1 - 10.46.167.*

DHCP Server 10.46.167.1-255

Router 10.46.167.1 (I have no control over this router)

Remote Office 1 - 10.46.166.*

DHCP Server 10.46.166.1-255

Router 10.46.166.1 (I also have no control over this router)

Remote Office 2 - 10.46.161.*

Few systems, No DHCP (all static IP's)

Router 10.46.161.1 (same thing. I have no control over this router)

I didn't initially setup this network. So unfortunatelly the routing wasn't configured by me, nor do I administer the main routers. One of my questions is this. Is it possible to set the 515E up without having to convert all internal IP's? All I really want to do is place the firewalls between our switches and the main routers. Reason being is that I have no control over the routers. I'm just afraid that it won't be possible without setting up all new DHCP scopes internally because the P515E won't let me use the same subnet on both the inside/outside interfaces (which is the default).

Am I making this more complicated than it should be?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: PIX 515E & Interface Routing

Your thinking is correct. You will need to create a new network between the 'inside' of the router and the 'outside' of the PIX or create new 'inside' networks. You do have the option of making the firewalls "transparent". Check the link below

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

2 REPLIES

Re: PIX 515E & Interface Routing

Your thinking is correct. You will need to create a new network between the 'inside' of the router and the 'outside' of the PIX or create new 'inside' networks. You do have the option of making the firewalls "transparent". Check the link below

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

New Member

Re: PIX 515E & Interface Routing

Brilliant! I owe you Collin. That's EXACTLY what I needed. A way to place these firewalls into an existing network without changing the entire internal IP ranges. Thanks many times over.

632
Views
0
Helpful
2
Replies
CreatePlease to create content