Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Aliasing on PIX

Status
Not open for further replies.
tephra

tephra

Technical User
Mar 13, 2002
6
0
0
AU
Hi Guys,

Does anyone know if you can IP alias on the PIX?
Ie bind 2 or more IP's to the one interface?

Cheers
Dave
 
Sort by date Sort by votes
Yeah thats what i thought, which is really crap!

Might put in a feature request (Good if the PIX did
VLAN trunking as well :)

Cheers
Dave
 
Upvote 0 Downvote
But, why do you want to have multiple addresses on the outside interface? You can of course use the static command to let a specific inside service (i e www) be accessible from internet using an other public ip address than the one specified on the interface. Also you can use other public addresses than the interface-configured on outbound traffic with by specifying the address(es) in the nat pool.

Please give us more hints of what you want to do.

Regards Jimmy
 
Upvote 0 Downvote
Well not just the outide interface, mostly the inside interfaces. We have several public IP address ranges, and we are grouping them together, ie x.x.2.0/24 and x.x.3.0/24 need to be on 1 interface ie x.x.2.254 x.x.3.254 so that both the 2 and the 3 networks can get out.

 
Upvote 0 Downvote
We have a similar problem, a router which is external to the pix (outside) and two ranges of valid internal numbers on the same ethernet. All we want to do is let all traffic flow through the PIX, so we can dump naughty packets. It doesn't actually have to do any routing...just packet passing.
 
Upvote 0 Downvote
HI.

We had a similar scenario - 2 internal neighboring partner networks (different subnets) going to get to the Internet via a single pix 506 device.

Since the pix does not support this, the solution we are going to implement is to build a linux router just for the purpose of routing (it will have 3 interfaces, one to each internal subnet and one to the pix inside interface).

Of course - a layer 3 switch/router will be a better solution but more expensive, and same for replacing the pix 506 with a pix515 with 3 interfaces.

Sorry but I don't think that there is a better solution other then internal router or pix with more interfaces.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
There may be one other way to do this.


Have you looked into using CIDR. This only works if your inside blocks are contiguous (i.e. 10.0.1.0, 10.0.2.0, etc. etc.), but it works better in my opionion than setting up multiple default gateways. This is becuase if a station on one of the subnets needs to talk to another, with CIDR, it won't go throught he default gateway.

As an example, using a subnet mask of 255.255.252.0 (note the third octet), you can make one "supernet" of four networks (example, 10.0.1.0, 10.0.2.0, 10.0.3.0 and 10.0.4.0) and have them all use the same Ip for a default gateway.

Just a thought...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
148
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
126
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
150
Johnkite
Johnkite
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
62
Russtoleum
Russtoleum
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
56
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top