Hi all - forgive my lack of knowledge in this area (I understand only the basics). My setup is as follows:
current setup:
- 2 x ISP managed load balanced routers (currently default gateway .254) which hook into a switch.
- a range of internet facing IP addresses .1 - .253 of which all our office machines and servers are assigned one
- multiple web servers each assigned an internet facing IP
I have purchased a PIX 506E with the intention of "firewalling" our network and I have an IP address available for the outside interface.
is it possible to connect it as follows:
routers -- switch -- pix --- switch --- lan
and then configure the PIX to work with my ip range assigned by the ISP bearing in mind my web servers need to keep their current IP addresses (however my office machines could in theory be switched to work off DHCP provided by the pix but not the servers). I could give the servers an internal "192.168" address and map the external IP numbers in some way to the right servers that would also work but configuring the PIX is of course tricky having not done this before.
one other thing that is kind of weird - i plugged my primary router directly into the outside interface socket of the PIX just to see if it worked and the interface lights did not come on however the primary router connected straight into the switch is OK - does the cable have to be crossover?
I appreciate without further details of the exact current configuration advice is difficult - but if you can offer any advice on what configuration options I need to be looking at and any URLs I can look at would be great!
oh yes, would be using the PDM (PDQ??) web interface to configure!!!
any advice on this would be most appreciated
Cheers
cdc
current setup:
- 2 x ISP managed load balanced routers (currently default gateway .254) which hook into a switch.
- a range of internet facing IP addresses .1 - .253 of which all our office machines and servers are assigned one
- multiple web servers each assigned an internet facing IP
I have purchased a PIX 506E with the intention of "firewalling" our network and I have an IP address available for the outside interface.
is it possible to connect it as follows:
routers -- switch -- pix --- switch --- lan
and then configure the PIX to work with my ip range assigned by the ISP bearing in mind my web servers need to keep their current IP addresses (however my office machines could in theory be switched to work off DHCP provided by the pix but not the servers). I could give the servers an internal "192.168" address and map the external IP numbers in some way to the right servers that would also work but configuring the PIX is of course tricky having not done this before.
one other thing that is kind of weird - i plugged my primary router directly into the outside interface socket of the PIX just to see if it worked and the interface lights did not come on however the primary router connected straight into the switch is OK - does the cable have to be crossover?
I appreciate without further details of the exact current configuration advice is difficult - but if you can offer any advice on what configuration options I need to be looking at and any URLs I can look at would be great!
oh yes, would be using the PDM (PDQ??) web interface to configure!!!
any advice on this would be most appreciated
Cheers
cdc