Solved

Cisco PIX 501: Ouside/Inside on same subnet?

Posted on 2006-11-08
5
340 Views
Last Modified: 2013-11-16
All,

Is it possible to have an outside IP of 192.168.1.100/24 and an inside IP of 192.168.1.101/24?

I am securing a network segment and I want to do this so that all PCs outside the firewall have 192.168.1.2-99/24 and all PC's on the inside have 192.168.1.102-199/24 and I can restrict the traffic between the two segments.

All IP's on my network are static and I will not be using the PIX's DHCP feature on the inside.

Thanks!

Mike
0
Comment
Question by:jbisordi
  • 4
5 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 250 total points
ID: 17901239
No but you can use

192.168.1.0 / 25 (thats 255.255.255.128)

then subnet 1 would b

192.168.1.1 to 126

and subnet 2 would be

192.168.1.129 to 254

0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17901326
Network address        Subnet                      Subnet Size             Usable IPs                                   Broadcast address
192.168.1.0      255.255.255.128      126                    192.168.1.1  to  192.168.1.126      192.168.1.127
192.168.1.128      255.255.255.128      126                    192.168.1.129  to  192.168.1.254      192.168.1.255
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17901331
^^^^^^^^formatting screwed up but you get the picture
0
 

Author Comment

by:jbisordi
ID: 17901393
Thanks for the info Pete.

So just to be clear: it is not possible to place my 501 between two networks that use the same subnet, even if the IP's on the interfaces and the clients on each site are all unique...is that correct?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17901701
Thats correct yes  
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question