Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
416
Views
0
Helpful
1
Replies

IP from e2 subnet works on e1 subnet - bug or feature?

baranowski
Level 1
Level 1

‎05-03-2002 10:54 AM - edited ‎03-08-2019 10:31 PM

Configuration:

PIX 515E w/6.2.1

Inside: 1.2.3.224/28 (e1 IF = 1.2.3.225)

DMZ: 1.2.3.240/28 (e2 IF = 1.2.3.241)

No translation – all static.

I >accidentally< had a >Windows ME< computer on the Inside IF with the following config:

IP: 1.2.3.250 <<<<< out of range

Mask: 255.255.255.240

Gateway: 1.2.3.225 <<<< or this is out of range

The OS didn’t complain about the ip/gateway not being in the same range, but in any event, the config worked – there was connectivity to the outside. (http://www.whatismyip resulted in 1.2.3.250).

Is this supposed to work? If so, it’s a feature! In the above scenario, I am wasting ips on the dmz that I would like to use on the inside. Why/how is the PIX allowing traffic from an IP on an interface that conflicts with another route/interface?

-Mike Baranowski

Labels:
0 Helpful
1 Reply 1

s-doyle
Level 3
Level 3

‎05-10-2002 06:20 AM

No, that shouldn’t work. Check winipcfg and see if the gateway is specified correctly on another interface or something.

0 Helpful
Customers Also Viewed These Support Documents