Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Strange Network Configuration

We have a DSL router and 32 public IP addresses (for example 192.168.0.0/27). The DSL router is configured by the ISP and has 192.168.0.1 at the internal side. We have a PIX 515 wit 3 Ethernet interfaces – first connected to the DSL router, second connected to the internal network and third used as a DMZ.

What we want to do is to split the real addresses into to two subnets 192.168.0.0/28 and 192.168.0.16/28. Then to assign the first subnet to the interface connected to the DSL router and second to the DMZ interface. To the internal interface we want to assign a private address space, for example 10.1.1.0/24. Is it possible this configuration to work considering that no changes in the DSL router are possible and how the pix route the packets that are for the 192.168.0.16/28 ?

1 REPLY
Bronze

Re: Strange Network Configuration

Its doable with some firewalls, not sure about the pix. You need a way to tell the pix to answer arps for the addresses in the dmz subnet when it receives the arps on the link with the router.

You might get a quicker response posting this in the security forum.

108
Views
0
Helpful
1
Replies