Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Connecting 2 WAN clouds on the same IP address range.

Hello, I have a problem connecting my office to two third party companies.

I have two Cisco 1700 series WAN links to my office from these companies, Both routers are fully managed by their respective companies, both use static routing, and both are using the 10.0.0.0/8 IP address range.

The first company assigned my office the address range 10.212.1.0/24.

The second company assigned my office the address range 10.215.1.0/24.

My office can be set to any IP address range.

My questions are:

Is it possible to have a connection from my office to both networks at the same time? If so how?

Do I require these companies to provide me with their static routing information? or can I use routing protocols?

Do I need to perform NAT?

Can I use a PIX 515e firewall with three interfaces?

Sample configuration would be greatly appreciated

2 REPLIES
Cisco Employee

Re: Connecting 2 WAN clouds on the same IP address range.

Hi Paul,

I was reading the description and think the answers could swing either way depending more on the actual specifics of the connections etc. For example. If you mean the LAN sides when you state

The first company assigned my office the address range 10.212.1.0/24.

The second company assigned my office the address range 10.215.1.0/24.

So are we connecting to just another remtoe office on the other end? A telco?

Seems the issue here is more a matter of design and purpose of the setup. I think more information will make this eisier to answer.

For certain if each remote end has seperate networks then there shouldnt be routing issues. Wether or not

you will need a routing protocol would depend more on there internal routing, and assumes they will use a RP as well.

If you know the remote networks out both remote connections then you can specify these without issue in routing statements.

If the local assiugned lan is only going to be communicating out one WAN interface to One remote company then a route map could even be used to forward all wan traffic from that lan out the wan interface and or vice versa.

As far as PIX specifics, someone else would probably be better qualified to answer this then me but I dont see how this wouldnt work. Agian, depends on the topology.

Give some more details and it will be easier to give additional comments.

GB

New Member

Re: Connecting 2 WAN clouds on the same IP address range.

Hi GB

Just to clarify:

Two third party companies have put my office on their corporate WANs.

Company ONE has provided me with a Cisco 1700series router. This router is part of company One’s WAN as such it is fully managed by them. I do not have any access to this router, they maintain the static routes and determine what IP address range the router has (In this case they have given me the address range 10.212.1.0/24 to do as I please with).

Company Two has also provided me with a different 1700 series router. This router is part of company Two's WAN as such is fully managed by company Two. Again I do not have any access to this router, they maintain the static routes and determine what IP address range the router has (In this case they have given me the address range 10.215.1.0/24 to do as I please with).

So my LAN is connected to two separate WAN via two separate routers.

I would like to connect my LAN, and the two WANs to a router/firewall with 3 interfaces. I would like this router/firewall to route requests from my LAN to the correct company (the correct WAN router). The problem arises because:

A) The two companies are using the same IP address range (10.0.0.0/8), therefore if my computer requests to visit, for example, computer 10.10.10.10/16 in company One’s site, how can the router/firewall know which WAN router to forward the request to?

As 10.0.0.0/8 is a common corporate IP address range, I had assumed this was a very common problem. Do Network administrators update the router/firewall with all possible routes they require or can I use a routing protocol?

Also what happens if I need to access a server at company One's site that has the same IP address as a server I need to access at company two's site.

B)Does the PIX 515e-R-DMZ-BUN provide the required network/firewall functionality that I require

282
Views
7
Helpful
2
Replies
CreatePlease to create content