Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Secondary IP Question

Hello All:

Got a question about configuring a secondary IP on an interface. First a little background on the question.

I have a 3620 routing between our 2 subnets. The interface FA0/1 on 3620 configured with connected to a 3660 fa0/1 3660 connected to several subnets 5x and 6x

I need to route from our 1x corporate subnet to a 6x subnet. I was using the 3620 fa0/1 interface in my route statement to get me from 1x to 6x but the firewall handling the 6x subnet was dropping them because it perceived them as spoofed.

My question - if I created a secondary IP on the 3620 interface in the 6x subnet range, would that resolve this issue?

Thanks - hope this was presented with enough clarity.

Hall of Fame Super Silver

Re: Secondary IP Question


I am afraid that I do not understand your issue very well. It is clear that 10.0.4.x is the subnet that connects your 3620 and your 3660. I think that subnets 5 and 6 are connected on the 3660. I am not sure but suspect that the 1 subnet may be on the 3620. And then there is a firewall, but I am not clear where it connects. Is it in between the 3620 and the 3660?

And I am not sure why the firewall would believe that the packet going to subnet 6 was spoofed. That sounds like the firewall does not know that subnet 1 is connected through the 3620.

But I do know that if subnet 6 is really connected on the 3660 that it is NOT a good idea to try to configure a secondary address in subnet 6 on the 3620.

If the problem is that the firewall does not know where subnet 1 is, then the solution is to have the firewall learn where subnet 1 is. And a secondary address on the router interface is not going to affect the firewall.