Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
262
Views
0
Helpful
1
Replies

Strange Network Configuration

delin
Level 1
Level 1

‎10-03-2003 01:15 AM - edited ‎03-02-2019 10:46 AM

We have a DSL router and 32 public IP addresses (for example 192.168.0.0/27). The DSL router is configured by the ISP and has 192.168.0.1 at the internal side. We have a PIX 515 wit 3 Ethernet interfaces – first connected to the DSL router, second connected to the internal network and third used as a DMZ.

What we want to do is to split the real addresses into to two subnets 192.168.0.0/28 and 192.168.0.16/28. Then to assign the first subnet to the interface connected to the DSL router and second to the DMZ interface. To the internal interface we want to assign a private address space, for example 10.1.1.0/24. Is it possible this configuration to work considering that no changes in the DSL router are possible and how the pix route the packets that are for the 192.168.0.16/28 ?

Labels:
0 Helpful
1 Reply 1

rjackson
Level 5
Level 5

‎10-03-2003 06:06 AM

Its doable with some firewalls, not sure about the pix. You need a way to tell the pix to answer arps for the addresses in the dmz subnet when it receives the arps on the link with the router.

You might get a quicker response posting this in the security forum.

0 Helpful
Customers Also Viewed These Support Documents