Posted on 2003-12-01
I'm in a network now that has about 100 nodes on a public /24 subnet. I have a pix 515e (not installed yet) with just the eth0 and eth1 ports (no DMZ). Run an Exchange 2000 mail server, an IIS 5 webserver w/5 small sites. And currently the FW is IOS on a 2621 router. Everything is currently just sitting behind the firewall on same subnet.
Need sugestions on a secure/efficient setup using what I currently have, if I should be subnetting etc. The Internal addresses will of course become a private range once the pix is in. I can get ahold of ISA server to throw in the mix if that helps.
Not sure if I should put this into another question...but....on the transition from public to private IP's, what is the easiest way to change users local ports to point to the new ip addresses?