I have numerous routable class c networks i want to assign to the interfaces behind our pix 515e 6.22 OS. It seems when i give another interface a routabel address that interface and its computers can't get past the pix. The outside interface has 1 routable address, but how do i get multiple out from behind. the routers are outside of the pix but they are all vlan'd down the same pipe. So we have 6 class c that come down our same pipe and work fine from outside the firewall. So i have 220.127.116.11, 18.104.22.168, 22.214.171.124 that i want behind the firewall on separtate interfaces. Currently the outside of the pix has 126.96.36.199 that works fine. I want them all to go to the outside world. Any thoughts. Thanks in advance.
PS. I want this becasue our ISP blocks addresses that are doing bad things, so when it is PAT they block our whole gateway, i want them to just block the offending machine.
Thanks for that, but i don't want them to be natted, i want them to appear on the outside as exactly what they are. The router is on the outside 188.8.131.52 for example, so the clients point to 184.108.40.206 as their gateway but when i set this up they can't get past the pix
You can use the inside interface of you PIX as your default gateway and then enable proxy arp. My internal subnet uses the inside interface of my perimeter PIX as it's default gateway, which is configured for proxy arp, which in turn forwards the traffic to a router on the outside.
If you go into the PDM and look under the System Properties tab/Routing/Proxy ARPs setting, you can enable it for your PIX interfaces.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :