08-04-2004 08:02 PM - edited 02-20-2020 11:32 PM
My 520 has 2 Ethernet ports. Can I ip the Outside interface(E0) 170.1.111.1 255.255.255.255 and IP the inside(E1) 170.1.111.2 255.255.255.0. If not how can have both interfaces on the same subnet. I want to use the 520 as a packet filtering firewall within a corporate WAN. The boxes on the inside will have an ip address in the range of 170.1.111.0.
***These are not my actual IP addresses***
Solved! Go to Solution.
08-04-2004 11:40 PM
Its called multinetting, if I am not mistaken and no, you cannot multinet, i.e. have same subnet on different interfaces on same device.
08-04-2004 11:40 PM
Its called multinetting, if I am not mistaken and no, you cannot multinet, i.e. have same subnet on different interfaces on same device.
08-05-2004 05:16 AM
Even though the E0 interface is a single host subnet? I also thought multinetting was when you have the same subnet on the same interface.
08-05-2004 05:29 AM
This is a actually a feature we are calling transparent firewalling (firewall acting as a bridge rather than an L3 hop). This feature is new in the 7.0 release which starts it's beta in a few weeks. If you are interested in getting involved in the beta program, please contact your local Cisco account team to get added to the list. The problem in your case however, is that the PIX 520 is *not* going to be supported by the 7.0 release. So, you will also need some new hardware.
One other option is that IOS FW recently added transparent firewall support. I believe it is in 12.3(8)T but check the docs to be sure.
Hope this helps.
Scott
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide