Hello All! I have a small private network (10.0.0.X) running behind a PIX 520 firewall. It's currently interfacing to a public www network (UUnet) and I'm using NAT to translate the public addresses to my private network. I only have two servers accessible from the outside via conduit statements one at 10.0.0.160 and one at 10.0.0.170. This all works great -- thanks to a lot of help folks on this firewall list!
We have been approached by another party which wants access to a new server on our private network at 10.0.0.150. This new .150 server need NOT be accessed by the UUNet public network, but we do want it to be part of the 10.0.0.X private network. This party is also supplying a leased line to us with it's own network address space (let's say it's 56.100.200.X). So basically, I want to allow two network subnets to have selected access to my private 10.0.0.X network and I'm not sure how to do it. The problem *may* be simplified by the fact this this new party needs only to talk to 10.0.0.150 and not any other servers on the private network. Further, the .160 and .170 servers do not have to be accessible by this new party. I'm thinking there might be two approaches 1. Employ a third card in the existing PIX (e.g. a DMZ card) to interface the new 56.100.200.X network). 2. Install a second PIX on my private network, NAT'ing 56.100.200.150 to the 10.0.0.150 server. Will either of these approaches work? TIA Harry _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
