Pix/ASA firewalls do not support using secondary addressing on an interface. However the good news is that they don't need to.
As long as the ISP routes the new block of IP addresses to the outside interface of your firewall then you simply use the new block of IPs as you have the existing block ie. you set up static translations and allow access via the access-list.
The new IP block does not actually have to be allocated to an interface.
I have a situation like this one. I get the routing part, but if I want to use the firewall as a VPN head end, how do I make it such that the firewall outside interface can be in the range of new ISP IPs? how can I make the outside interface accessible over the internet if I have 2 ranges?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...