cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
189
Views
0
Helpful
2
Replies

outside ip private

xtech
Level 1
Level 1

Hi,

I am attempting to set up a pix behind a router that dishes out 10.1.1.X ip addresses. The network in the inside has a bunch of stuff that prevents me from changing IP ranges, it is in the 10.1.1.X range also. The private side of the router is 10.1.1.1. Can I assign the outside interface 10.1.1.2, and the inside 10.1.1.3 and have it work OK,

Thanks - Wayner

2 Replies 2

scoclayton
Level 7
Level 7

Wayner,

The short answer to this question is no. The PIX requires (currently) that all interfaces be configured in a different subnet. The next release of PIX code will remove the above restriction but for now, you have to have each interface in a different L3 subnet.

With that said, your best bet would be to probably continue using the 10.1.1.0/24 (assumption here) subnet internally. You would assign the PIX the 10.1.1.1 address and keep the default gateway of your internal machines set to this address.

You would then want to create a new subnet for the segment between the outside of the PIX and the inside of the router. The PIX does support /30 bit masks so you could have this subnet be as small as 4 hosts if you wanted. But I would suggest making this a bt larger in case you needed to add more hosts to this segment later on. A 10.1.2.0/24 subnet would work fine for this segment.

Hope this helps...let me know if this is not clear.

Scott

Thanks - We are trying to get comcast to change the router for us.

- Wayner

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: