You would probably need to look at subnetting the address range accordingly to fit in with your topology. E.g. if my ISP had given me the 188.8.131.52/24 range I may subnet it so that one interface had 184.108.40.206/30 and another may have 220.127.116.11/30.
My IP block rane is 18.104.22.168 /29 ( .233 to .238 useable IP's, .232 being a subnet ID and .239 being a broadcast.
Subnet is 255.255.255.248
At the moment .233 is assiggned to Cisco route (ADSL2+) and rest aren't in use.
If I seperate .233 from the rest of the network (as its a router IP connecintg to internet), how should my IP addreses scheme look like ( i.e IP address range for second subnet m subnet mask, and gatway IP.
You could use a private IP address on your sonicwall if you wish and then do static NAT at the router so. This will still work for VPN setup etc but you may have a bit of extra complexity setting up VPNs etc. I can't remember off the top of my head but I have set up a VPN to a sonicwall that was behind a natted address before and there was one extra option I need to change on the sonicwall end!
Or you could do as your are suggesting and assign a Public IP to the sonicwall outside and then the the router. In which case you would likely be natting on the Sonicwall and not the router. Depends on how you want to set things up/how they are working now.
You would require a static translation on the router otherwise the other side of the VPN would not be able to initiate a VPN tunnel. It would be no good just overloading the dialer0 interface
They would then set their peer address as your dedicated translated public IP address and it would be natted through to your Sonicwalls private address when it hits the router. Your sonicwall would then process the IPsec as normal.
The problem I ran into was one end was embedding their private IP address into the IKE message (for identity I believe) and the other end was getting confused. This was easily rectified though I just can't remember the specific setting as it was a while back. Just keep an eye on the logs.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...