Pix 515 global outside

Hello,

Is it possible to have 2 differnet CIDR blocks using the same "outside" interfaec? In other words, can you have a network like:

4.4.4.0 and 5.5.5.0 (two different class-C networks) using the same external interface?

My issue is that I should have another class-c from ARIN coming in here and I would like to utilize that with the same PIX(s).

Thanks!
1 answer Last reply
More about global outside
  1. I don't think you'll be able to define them under the same interface, I think at a minimum you'd have to use sub interfaces to define it, which would probably also mean configuring it as a trunk port with vlans. You'll probably also want to think about how you're going to route that and if you're planning on actually assigning / natting all of those IP's off the external side or if they will be behind the pix. If behind the pix, then it maybe easier since that network would just be available via your existing external IP address. Can't say I've run into that situation before... but just throwing it out there as something to think about. No promises ;-)
Ask a new question

Read More

Firewalls Networking