Carrie Miles
asked on
Is it possible to set up a second DMZ?
I just received another block of ip addresses to put on our dmz and i'm not sure how to do that? I'm almost through the CCNA book though:)!
Can anyone help? I would like to do through the PDM if possible. I was looking trying to figure it out and thought it should go in the Host/Networks tab, but not sure where to add it?
Any help is much appreciated!
Thank you!
Can anyone help? I would like to do through the PDM if possible. I was looking trying to figure it out and thought it should go in the Host/Networks tab, but not sure where to add it?
Any help is much appreciated!
Thank you!
Keith Alabaster
What is your firewall and IOS version? How many ports does it have?
>I would like to do through the PDM if possible.
Sounds like a PIX. As Keith suggested, please post details of which PIX model and what version OS it's running.
Generally, you simply need to confirm with the ISP that this new block of IP addresses will be routed to your current public IP address.
Once this block of IP's is routed to you, you simply create new static xlates or global pools on the pix.
If these are simply additional IP's that are in the same IP subnet as your outside interface, then you just create new static xlates, or add these IP's to the global xlate pool.
For what purpose did you order these additional IP addresses?
Do you have a router out in front of the PIX, or how does your WAN access come in? Is it DSL, T1, or what?
Sounds like a PIX. As Keith suggested, please post details of which PIX model and what version OS it's running.
Generally, you simply need to confirm with the ISP that this new block of IP addresses will be routed to your current public IP address.
Once this block of IP's is routed to you, you simply create new static xlates or global pools on the pix.
If these are simply additional IP's that are in the same IP subnet as your outside interface, then you just create new static xlates, or add these IP's to the global xlate pool.
For what purpose did you order these additional IP addresses?
Do you have a router out in front of the PIX, or how does your WAN access come in? Is it DSL, T1, or what?
ASKER
I'm sorry for not giving the equipment and version. It is a Cisco PIX 515E, version 6.3(4).
This block of IP's are being routed to us. They are not on the same subnet as the other block if ip's on our dmz interface.
We are putting a linux box on our dmz, that was the purpose of getting additional ip's.
We have a router that was provided by our ISP, it's a bonded copper line.
I hope this helps!
Thank you!
This block of IP's are being routed to us. They are not on the same subnet as the other block if ip's on our dmz interface.
We are putting a linux box on our dmz, that was the purpose of getting additional ip's.
We have a router that was provided by our ISP, it's a bonded copper line.
I hope this helps!
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Called Cisco and this is not possible since.
With enough information anything is possible. Asker did not provide enough information.
Cisco TAC looks at a problem from a very narrow viewpoint.
Delete is fine with me.
Cisco TAC looks at a problem from a very narrow viewpoint.
Delete is fine with me.