Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Network Problem

Status
Not open for further replies.
Namekian

Namekian

IS-IT--Management
Nov 5, 2004
56
US
My Cisco router isn't going to be able to preform my wanted duties, so I am going to have to place my Firewall on the outside, and I don't know how to set it up as.

I have 5 public ips and a gateway for them. How can I set one port on a Cisco PIX 512 Firewall to handle all five IPs and the gateway?
 
Sort by date Sort by votes
Assign one of your public IPs to the outside interface, set the default route to be your gateway device (The ISP's router, for example) and you're set as far as the networking goes.

I'm not sure I know what you mean by "handle all five IPs". If you mean that you have internal servers which need to be available from the Internet, then you use a static NAT statement and an access-list entry. Each interface on the Pix normally has only one address assigned to it.
 
Upvote 0 Downvote
I have five public IPs. For instance 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4, 5.5.5.5, but I only have one line coming from the wall. Another issue is that the building that our office is in, supplies the connection via a switch port. Meaning we don't have access to the modem directly. I need to be able to use all 5 IPs, but I can only use one port to connect it all to the outside. So, I can only use a port on the router or the firewall.

The router doesn't seem to like it, but I could just be doing the command wrong. I am using the secondary IP option to assign 5 IPs onto one port.
 
Upvote 0 Downvote
Sorry, I thought you meant 5 separate addresses on the same network, not 5 separate networks. I think the Pix can do this via VLANs, but I haven't done it myself.

Routers can do this via "ip secondary", but routing becomes an issue. For example, you must have 5 gateways to the Internet- which one should be chosen. You might have to look into policy-based routing. From my understanding, an IOS router will be more flexible in this than a Pix.
 
Upvote 0 Downvote
I thought so at first also, but it didn't seem to like it when I placed the five IPs in there. I have a gateway also, how would I make it so that I use the gateway, and use the 5 IPs. I cant do VLANS, to old of a switch, it is a Cisco Catalyst 5000.
 
Upvote 0 Downvote
You can't. For example, you can assign different networks to an interface:

int eth 0
ip address 192.168.1.0 255.255.255.0
ip address 192.168.2.0 255.255.255.0 secondary
ip address 192.168.3.0 255.255.255.0 secondary

But you get only one default gateway, and it has to match one of the networks that you're interface is configured for.

Network 192.168.1.0/24 can't route via 192.168.2.1, for example.

I'm still confused on what you're trying to do. How does traffic for all 5 networks get to you through 5 different gateways?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ciscokid1984
  • Locked
  • Question
Watchguard RDP from external network
Replies
1
Views
156
hairlessupportmonkey
hairlessupportmonkey
acabezas2014
  • Locked
  • Question
Configuring ASA for Network Segmentation
Replies
1
Views
137
acabezas2014
acabezas2014
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
78
ITSUPPORTIT
ITSUPPORTIT
texwiz
  • Locked
  • Question
need some help to properly set up, segregate and secure a network with an ASA 5505
Replies
2
Views
99
texwiz
texwiz
alex1002
  • Locked
  • Question
Sonicwall SSLVPN very slow Throughput accessing network files
Replies
1
Views
138
alex1002
alex1002

Part and Inventory Search

Sponsor

Back
Top