Hi All!
We are making a transition between one ISP and another. We have routers for
both ISP's now operational on our general network ("outside" the PIX
firewall).
Is it possible to configure the PIX to handle both ISP's during the
transition period at the DNS servers? It is a very simple configuration --
here are the lines which have the old ISP addresses:
1. ip address outside 38.168.115.180 255.255.255.0
2. global (outside) 1 38.168.115.160-38.168.115.179
3. static (inside,outside) 38.168.115.174 20.0.0.174 netmask 255.255.255.255
0 0
4. conduit permit tcp host 38.168.115.174 eq www any
5. route outside 0.0.0.0 0.0.0.0 38.168.114.1 1
I *do* have three network cards in the PIX -- I'm currently only using two.
I would *think* that I could add replicate configuration lines for 3 and 4.
IOW, couldn't I add
static (inside,outside) 65.107.103.174 20.0.0.174 netmask
255.255.255.255 0 0
conduit permit tcp host 65.107.103.174 eq www any
and have these coexist with the 38.168.115.174 statements?
I'm more concerned with items 1, 2 an 5. But perhaps I can leave them as is
until the conversion is completed. For transaction originated from *within*
our internal network, I'm happy to use the old ISP until the DNS conversion
is complete. What I want to make sure is that folks from the outside can
access my internal servers even though some would be routed to the "old" ISP
address and others to the "new" ISP address while the new DNS information
propagated throughout the www.
Can anyone give me some insight on this?
TIA
Harry
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
