Cisco Support Community
Community Member

DSL firewall and IPS again...

Okay maybe I was not clear.. so here goes again...

My Ips are a.b.c.1 - a.b.c.5

My Router is locked to a.b.c.6 by qwest...

Right now I use a.b.c.1 as my firewall's external address..

Then I get EMAIL and DNS to my Mail server using port forwarding ports 25 and 53 by setting my firewall to forward ports 25 and 53 to f.g.h.i

But that is it....


Community Member

Re: DSL firewall and IPS again...

Seems to me the problem is that your router's external address, a.b.c.6 and your firewall's external address, a.b.c.1 cannot be on the same IP subnet, given that your firewall is connected to your router's internal interface.

The a.b.c.1-5 subnet has to be used via NAT in the router.

internal network = (a) firewall (b) = (c) router (d) = dsl gw

a - firewall's internal ip address

b - firewall's external ip address

c - router's internal ip address

d - router's external ip address - a.b.c.6

b and c have to be on their own subnet, different than a's and d's

I suggest you use 192.168.x.1/24as a as b, as c

Then NAT your 192.168.x.0/24 address range to your router's external address using overload. And statically map the other ip addresses to your inbound services (mail, dns, etc)

CreatePlease to create content