Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

What is the use of IP alias on firewalls?

I have a firewall with one WAN port and two LAN ports.

Say the IP on the WAN port is 115.115.115.115. Then the IP address on the LAN ports are 172.16.16.16.1/24 and 192.168.1.1/24. the firewall is in gateway mode (it does NAT ing).Now i have connected four computers to the network 172.16.16.1 via a switch.If i create an alias on the LAN port which has 172.16.16.1 /24 ip and give the alias an ip 172.16.17.1 then what does it do in the network behind switch. Will i have 3 LANs now. Or will the computers behind the switch get an optiopn to choose the ip address from both the range i.e 172.16.16.1 /24 and 172.16.17.1/24..Will I be able to ping 172.16.17.1 from any computer in the network 172.16.16.1/24 network. I do know that if we use alias on WAN interface then we can accesss the device on two ip addresses. But my question is related to ip alias in LAN.


So what does an alias do from start to end.

4 REPLIES
Cisco Employee

What is the use of IP alias on firewalls?

Hello Pratyush,

IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface.You can ping 172.16.17.1/24 from any computer in the network 172.16.16.1/24. But when you use IP alias and want communication between them, you need to configure firewall rules to allow access(route) between the LAN's logical networks (subnets).

Shahzad

New Member

What is the use of IP alias on firewalls?

Thank you for the answer . Now I have  some more questions related to alias.

1.How many broadcast domain would be present ?

2.In the ARP for the 17.16.16.1/24 will i get any response from 172.16.17.1/24?

3.Can an alias port act as a DHCP server.

4.If the hosts in the 172.16.16.1/24 fail to ping 172.16.16.1 will it have any effect on the 172.16.17.1 network ?

Cisco Employee

What is the use of IP alias on firewalls?

Hi Pratyush,

3.Can an alias port act as a DHCP server.

Yes, Alias port can communicate and broadcast for DHCP negotiation.

4.If the hosts in the 172.16.16.1/24 fail to ping 172.16.16.1 will it have any effect on the 172.16.17.1 network ?

There will be no effect until unless port/NIC is down or malfunction.

Regards

Shahzad

Cisco Employee

What is the use of IP alias on firewalls?

Also Pratyush,

1.How many broadcast domain would be present ?

One broadcast doman.

2.In the ARP for the 17.16.16.1/24 will i get any response from 172.16.17.1/24?

You can ping both IPs. Multiple domain name can point to single IP in same manner multiple IPs can point to single MAC address, MAC address table is maintained by switch.

Regards,

Shahzad

-----Please remember to rate useful posts, by clicking on the stars below------

743
Views
4
Helpful
4
Replies