Solved

can IP address be given to CISCO Router CISCO Firewall and Mail server from the same IP address pool

Posted on 2016-09-01
4
20 Views
Last Modified: 2016-09-21
I am asking this question because the vendor supporting our CISCO Router & CISCO Firewall (ASA) is telling me that this can not be done and we should have one more IP pool
0
Comment
Question by:Ramesh Satija
  • 2
4 Comments
 
LVL 24

Expert Comment

by:Dr. Klahn
ID: 41779588
Are you asking about the outward-facing IP or the inward-facing (LAN) IP?
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points (awarded by participants)
ID: 41780183
As a general rule, you can't have the same ip pool, specifically a subnet, assigned to two different interfaces on the same device. So an ASA can't have the inside and outside interfaces configured with 10.0.0.0x/24 because they overlap.
So if you have Internet-ASA-Router-LAN, every spot between devices needs to be a different subnet or it will cause either a routing issue or it plainly won't be allowed on a device.
Now to go off of what Dr. Klahn was getting at, if you want to use a single Public IP address pool, and assign individual IP's to go to other devices behind the firewall, that is a simple matter of configuring NAT.
0
 

Author Comment

by:Ramesh Satija
ID: 41781101
Thaks both of you for further comments / info. To answer Dr Klahn' query on my question, I am talking about outward Ip as well as inward -facing (LAN) IP, because all our ISP has given us one public IP Pool of 16 IP addresses, and no additional public ip for outward or WAN IP.

However after reading the detailed comments / suggestions of Mr rauenpc, I will discuss with my CISCO support vendor and then give further comment

Thanks to both of you for help
0
 
LVL 24

Expert Comment

by:Dr. Klahn
ID: 41808385
System requested close
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now