I have the following scenario
A Windows SBS 2003 Server with ISA server and Exchange.
The server performs NAT at present
We have 14 IP addresses on a C IP address range 217.x.x.x (subnet mask = 255.255.255.240) only two of these are currently used, taken by the router and external nic respectively
Internal network = private IP addresses with DHCP in the 10.x.x.x range and the internal nic with an IP address of 10.0.0.10
We now want to add in a Cisco Pix 501 Firewall and I would like to find the best way to configure and install it with the least disruption and change. I had hoped to use it with the same IP range on both interfaces but have realised that solution is not possible and the firewall needs two different subnets.
I have thought of using the following setup
Router and external address of firewall with two of the 14 public IP addresses.
Internal interface of Pix with a second subnet eg. 10.0.10.1 to external nic of server 10.0.10.10 (or any private addresses on the same subnet)
Internal nic of server and internal network keeps existing IP addresses and scope (third subnet)
My question concerns the implications of changing my present setup to the above situation . Also the steps I would need to take and the changes I would need to make (if any) to Exchange and to other Apps. What I am not sure of is what I will need to take into consideration and to reconfigure for this change to work. I know the basics, such as how to configure IP addresses, but am not sure of the full implications of a basic configuration change such as this. I am not sure for example if the nics will continue to pass through in the same way, or whether ISA depends on having one of the public IP addresses. At present the default gateway is the ADSL router
My idea was to leave ISA and the Cisco pix running concurrently for a while if possible.