Thank you all for your replies. I have decided to purchase and additional interface for the Pix for the switch over. After the switch over it will give me a backup interface card. Thanks again!
-----Original Message----- From: Mike Hrubes [mailto:[EMAIL PROTECTED]] Sent: Friday, October 04, 2002 10:33 AM To: [EMAIL PROTECTED]; Mike Carney; [EMAIL PROTECTED] Subject: RE: Pix Question Naveed is correct. From cisco's website at: http://www.cisco.com/warp/public/110/19b.html This sample configuration demonstrates how to set up the Cisco Secure PIX Firewall for use with two internal networks. When you add a second internal network behind a PIX Firewall, keep in mind the following points: The PIX cannot route any packets. The PIX does not support secondary addressing. A router has to be used behind the PIX to achieve routing between the existing network and the newly added network. The default gateway of all the hosts should be set pointing to the inside router. Add a default route on the inside router pointing to the PIX. Remember to clear the Address Resolution Protocol (ARP) cache on the inside router. Perhaps you can use this article to get some ideas...it talks about putting two private networks behind the PIX, but I'm sure with a little thought you could reverse that to make two public networks in front of the PIX. I'm thinking something to the effect of a router in front with a secondary IP address? Haven't put much thought into it...just trying to head you down the right path. -Hrubes -----Original Message----- From: Naveed [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 10:31 PM To: Mike Carney; [EMAIL PROTECTED] Subject: RE: Pix Question Hi Mike As far as my knowledge goes, PIX cannot be configured with a secondary interface. An interface can take only one IP address. -Naveed -----Original Message----- From: Mike Carney [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 9:17 PM To: [EMAIL PROTECTED] Subject: Pix Question Hello All, Thanks in advance to those who reply. I have run into a situation where I am transferring ISPs. The original ISP is passing the IP information through the serial connection to the ethernet interface. My PIX firewall is then connected to this interface via a hub and we use net for the other addresses in our subnet. My question is this: Since I do not wish to purchase another router or firewall for the new connection BUT I need them both up at the same time temporarily how do I do this? I am think that I can assign a second network to the ethernet interface of the router without any problem. Does anyone know if the Pix can have two external networks bound to the same interface? I would think it possible since people have multiple subnets sometimes from the same provider. If anyone has any thoughts please let me know. Thanks! Mike
