Hi all, appologies if this is fairly basic stuff but I am relatively new to firewalling.
I have purchased a subnet of 8 private IP addresses from my ISP. 109.x.x.128/29
The ISP has placed a juniper router within our data centre which is routing purely from 109.x.x.206/30 to 109.x.x.128/29 with the ip of fa0/1 set to .129.
I have linked a cisco 5505 to fa0/1 of the juniper from fa0/0 and configured its IP to .130. I have configured NAT to translate our client pool 192.168.16.x /24 address' to the internet.
Is it possible for the 5505 to route / map my remaing private IP addresses through its external port? I have tried creating a seperate VLAN for a DMZ for our servers to sit within but am returned with a subnetting error as VLAN for my external port is all ready configured within the same subnet.
You would definitely need to use a IP range different to what you are using for the outside interface for the DMZ. You cannot have the same subnet range on two different interfaces. Although if you have a different range on DMZ, you can nat the dmz servers to the outside interface public ip when they access the internet.
Johnathan, as Varun stated, you would need to create a new VLAN (ex. 10.10.10.0/24) using private IP Addresses and create static NATs for your servers and add access lists to allow access to servers from the outside.
Another option would be to put the servers on the 'Outside' VLAN and IP the servers with external IP addresses. I realize that the requirement is to put the devices behind the firewall but it's another option.
Join us for a detailed discussion of the integrations between Cisco Secure Email and SecureX. We’ll share the various ways that SecureX provides greater visibility across the Cisco Security landscape and demonstrate how Secure Email is the ...
ISE 2.7 FCS
To display default country code and Place holder customization please follow the below steps.
Upload the attached js file in Custom Portal Files.
Go to portal and add the below script in the Registration Form pag...
Part 1: The Basics
Hard-copy printing may feel very “old school” now, but a recent flurry of activity related to the print spooler service on Windows operating systems has brought one of the oldest IT applications back into the spotlight again. Our...
Python on Cisco Secure Email
The Python package used in our appliances is not a standard deployment --- just like AsyncOS is not your typical FreeBSD (a free and open-source Unix-like operating system descended from the Berkeley Software Distributio...
Wireless Controller WLC integration with Cisco ISE for access control through 802.1X is one of the most popular deployment in the network security field. Now is the employee PC safe after the authentication and authorization?even after the posture o...