I currently have 2 vlans setup on our network. 10.0.0.1 class a is our private network and 172.16.0.1 class c is our guest network. they don't talk to each other and the 172.16.0.1 is routed by a layer 3 switch to our 2621 router (uses access-lists) whose internal interface is 10.0.0.1 but has a secondary interface of our public a.b.c.d class c network. To get internet access, I have the router doing a dynamic nat of the 172.16.0.1 subnet to one of our public and the other 10.0.0.1 subnet going through another public ip via dynamic nat.
I want to place a pix 515 in between front of our private and guest network and behind our router. Boxes for public access etc are going to continue to be in front of the pix and behind the router. I am going to make the a.b.c.d class c subnet the primary subnet on the internal interface of the router and place 10.0.0.1 on the internal interface of the pix. my question is can I put nat id 0 for the 172.16.0.1 subnet on the internal pix interface and and let the router translate it to a public and also pat the 10 subnet to a public on the pix's internal interface or can I setup 2 different pats on the same pix interface one for the 172.16.0.1 subnet and one for the 10.0.0.1 subnet.
thanks in advance.
I want to place a pix 515 in between front of our private and guest network and behind our router. Boxes for public access etc are going to continue to be in front of the pix and behind the router. I am going to make the a.b.c.d class c subnet the primary subnet on the internal interface of the router and place 10.0.0.1 on the internal interface of the pix. my question is can I put nat id 0 for the 172.16.0.1 subnet on the internal pix interface and and let the router translate it to a public and also pat the 10 subnet to a public on the pix's internal interface or can I setup 2 different pats on the same pix interface one for the 172.16.0.1 subnet and one for the 10.0.0.1 subnet.
thanks in advance.
