Who owns 122.45.5.1? you or your old ISP? Looks like APNIC uses that range, so if you're switching to a new ISP you will not be able to use that address for anything. You'll have to change all natting/vpns, and update any vendor connections that are based on that old IP 122.45.5.1.
If you have addresses assigned to you by Arin, then create a /30 subnet(or what ever size) and use that for your external firewall address & router Ethernet address. This will make it easier to move the next time. Switch ISPs, have them announce your subnets, and move the firewall and everything to a new router without changing anything on the firewall. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Ray Sent: Thursday, March 30, 2006 7:27 PM To: [email protected] Subject: [FW-1] Question on default route to a new ISP while retaining original IP Running R55 on Nokia 3.9. I currently have a router between FW-1 and the T-1's that supply our Internet connection. We're changing ISPs and I want to eliminate the router because it doesn't really do anything useful (no filtering, etc.) and I can use it elsewhere. The new ISP comes in via fiber. I also must keep the same external IP address on FW-1. We have our own IP block and the new ISP will announce those routes for us. So my external interface currently looks like this (made-up addresses): IP: 122.45.5.1 /24 Next hop router - default route (mine) 122.45.5.254 The new ISP wants us to re-IP the firewall to IP: 67.56.4.3 /30 Next hop router - default route: 67.56.4.4 Obviously if I change the external IP like this, all sorts of things are going to break, like all of our vendors that expect traffic to come from 122.45.5.1. I do use central licensing. Is it possible to set the external interface like this: IP: 122.45.5.1 /24 (original address) Next hop router - default route: 67.56.4.4 (new ISP) or do they truly both have to be on the same subnet? If so, is there any way to fix this while still eliminating the old router and not manually setting NAT on every object? Or do I just have to keep the old router in place? Thanks for any education you can lend, Ray ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
