• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 353
  • Last Modified:

PIX firwall in perimeter security

I am going to design perimeter security using cisco pix 515 firewall.
PIX model 515 with 6 interface,IOS 6.1(4) in stateful failover mode.
I will be using this firewall to protect all my 3rd party frame relay connection into the network.
their will not be any connection out to internet.
could anybody supply with some useful resourse.
Can i utilize Outside interface as another DMZ as i am not connecting it to internet.

Thanks,
0
rijujohn
Asked:
rijujohn
  • 4
  • 2
1 Solution
 
lrmooreCommented:
Yes, you can use the Outside as just another DMZ no problem. Can you be more specific in what you need help with?


http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_61/config/index.htm
0
 
rijujohnAuthor Commented:
Hi,

Thanks, Can i connect one perimter interface to a router having IP address from different subnet.
ex- DMZ interface address is 192.168.10.1 and the connecting router interface is 172.168.17.1

Thanks,
0
 
lrmooreCommented:
no. connecting interface must be on same subnet as router interface.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
rijujohnAuthor Commented:
ok, If that is not possible can i connect 2 router to a single DMZ interface through a Hub and give IP from the same subnet and put different static route for both routers.

ex: dmz IP 192.168.10.1 ,Router1 IP =192.168.10.2 and router2 IP =192.168.10.3

Thanks,
0
 
lrmooreCommented:
absolutely, no problem
0
 
lrmooreCommented:
rijujohn
No comment has been added lately (13 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: Points awarded to: lrmoore

Please leave any comments here within 7 days.


PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Thanks,

lrmoore
EE Cleanup Volunteer
---------------------
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/

0

Featured Post

IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now