Cisco router - 2 interfaces on same subnet?
Posted on 2009-02-18
At our "primary" location, our company uses access-control lists on our perimeter Cisco router to reduce all incoming traffic to just the ports required for our DMZ servers. Inside that we use a SonicWall UTM appliance for IPS, anti-virus, etc. (PLEASE don't get hung up on the "why" of this approach)
At a remote location, we would like to use the same approach. However, we are prohibited from configuring the perimeter Cisco router that was provided by our ISP. So we currently have their Cisco 2600 series router (no access-list restrictions in place at all), then the SonicWall. Our hope is to place another Cisco 2600 series router (with access lists) between the current Cisco and the SonicWall. Our concerns center on the routing & how to get that Cisco to pass traffic when both interfaces are within the same subnet.
The current perimeter Cisco has a public IP of x.x.x.17 (255.255.255.240)
The SonicWall interface has a public IP of x.x.x.18 (same subnet)
The SonicWall uses NAT to convert the remainder of our public addresses (.19 through .30, though only .28 through .30 are currently used) to our private addresses.
How would the Cisco "middleman" be configured to properly pass traffic between the current Cisco and the SonicWall?