In article , [EMAIL PROTECTED] says... > Hello, > > I was just reading this document,from the following link > http://www.cisco.com/warp/customer/110/8.html I have attached the Pdf file > of the same for your convinence :-). > > > now coming to my doubt. > > If i have a network say like 192.5.2.0/24 inside the pix (connecting to > internet) Does it mean that all the sites with 192.5.2.0/24 would not be > accessible to the inside network ?? > > thanks and regards, > Murali >
Yes, but it's not limited to the Pix. If your internal network is using one subnet, your devices will never be able to get to devices on the Internet using addresses from the same subnet. When your machine looks at the destination address, it thinks it is on its local network (layer 2) and will not even bother going to the default gateway for it. I've done the same thing by 'fat fingering' the mask to encapsulate more than the intended addresses (255.255.0.0 instead of 255.255.255.0 for instance). If the destination address would normally fall outside your subnet, but you stuffed up the mask and now it is included, your machine doesn't bother going to the default gateway to find it. Can I chip in with a question for everyone now? If you apply more specific routes to all devices for an address which should appear on your local subnet, will it then try the routed path to the device. eg Machine addressed 100.100.100.100 255.255.255.0 route add 100.100.100.10 mask 255.255.255.255 [default gateway] Not that you'd want to do it, but just wondering. Cheers, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56363&t=56347 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]