I hope this is interesting enough to:
a. Not get overly-flamed for being the newbie I am,
b. Find out its possible and get some real good hints.
T-1 connected to a Cisco 1600 serial connect. From there it goes through a Pix 515 before sharing
the pipe with the Lan. What I?m trying is to take the PIX out and replace it with MonoWall keeping
the Cisco 1600 in place.
The flow is as follows:
x.x.x.1 /30 (cloud) to x.x.x.2 /30 (serial at wan side Cisco 1600),
then 172.16.0.1 /30 (Cisco 1600 lan side) to 172.16.0.2 /30 (Pix wan side).
Finally, 10.0.0.1 /20 (Pix lan side shared to lan).
Here is where I?m stymied:
Our ISP supplies an IP range unrelated to the IP?s of the cloud to Cisco 1600 run. (y.y.y.y /28).
We use one IP from that range for global and a few others for server type things, web, mail?
The first attempt at trying the MonoWall was interesting. The inbound traffic came in just fine.
Was able to port the web and mail traffic right where they needed to go. But the outbound on the
global IP or the server?s IP?s just sat there smiling (all dressed up and no place to go).
Unknown if the returns for the global outbound would have come in as there was no calls going
out?so, I?m guessing maybe (non-commital).
1. Is it possible to slip in a monowall and replace the Pix, given the mentioned networking layout?
2. If so, is this where I would need VLAN?
*** Never let the truth get in the way of a good story ***