Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Best Practice for changing Routable IP Space

We are currently changing ISPs and therefore changing our /24 routable space and was looking for some insight on how others have accomplished this.

We currently have service with Carrier A and as part of a WAN converstion to Metro Ethernet we are moving our IP service to Carrier B. I've tried to convience the higher-ups to keep both and utilize BGP so we wouldn't have to go through a transition with no luck.

The need currently is to run both during a conversion period. I have concerns over routing as we start to move translations from one network to the other. Has anyone else gone through this process and offer any insight? Is it best to purchase another firewall bundle or just make the new service another interface on existing firewalls?


Hall of Fame Super Blue

Re: Best Practice for changing Routable IP Space


As long as yur new ISP routes the new /24 to your firewall there is no reason why you cannot use the same firewall for both connections. And you can move across the translations on your firewall one at a time although you will not be able to tranlsate the same private address to 2 public ip addresses so you need to decide how easy it would be for you ie.

Inside server

Old public IP for inside server

New Public IP for inside server

If you need both translations at once then you might be better off looking for a separate firewall bundle but if you don't there is no reason why you can't use the same firewall.



Re: Best Practice for changing Routable IP Space

What about DMZ ? DO you have any existing DMZ & are you going in for a DMZ solution ?

How many interfaces does you firewall have ? is it a PIX or an ASA ?

If you are going to run both ISPs at the same time, then you will have to think of routing for your Links.

The Cisco firewall support 1 single route

so you may have to do a Policy route on the Current internet router to distinguish new ISp & old ISP traffic