[fw-wiz] SGS5400 transparent installation with PIX

From: Muhammad Waseem (mwaseem_at_roottech.com.pk)
Date: 01/25/05

Next message: Shimon Silberschlag: "[fw-wiz] Multiple firewalls from different manufactureres"

Previous message: Victor Williams: "Re: [fw-wiz] Double firewall setup (long)"
Next in thread: firewall-wizards_at_honor.icsalabs.com: "Re: [fw-wiz] SGS5400 transparent installation with PIX"
Maybe reply: firewall-wizards_at_honor.icsalabs.com: "Re: [fw-wiz] SGS5400 transparent installation with PIX"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: firewall-wizards@honor.icsalabs.com
Date: Tue, 25 Jan 2005 18:09:56 -0000

Hi,

I have SGS5440 with software version 2.0.1 and update patches installed.
The scenario is a unique one, and I want if someone can give some hint on this.

Scenario:
I have SGS between outside router and PIX Firewall which is actually doing all nat'ing and contraols internal ips. So practially SGS has all the public ips on inside and outside. The details are as follows.

We have four networks like this, and these all subnets are configured on

router and pix. ( SGS is between Pix and outside Router)

Network Subnet Host Range

202.125.150.0 255.255.255.0 202.125.150.1- 202.125.150.254

202.125.152.192 255.255.255.192 202.125.152.193- 202.125.152.254

203.135.39.32 255.255.255.240 203.135.39.33 - 203.135.39.46

203.135.6.208 255.255.255.248 203.135.6.209 - 203.135.6.214

We have given following ips to SGS

Inside interface 202.125.152.222 255.255.255.192

outside interface 202.125.150.218 255.255.255.0

PIX outside ip (connected to SGS inside interface) is 202.125.152.253

Router Secondary ip (connected to SGS outside interface) is 202.125.150.254

Router also has 202.125.152.254 as primary ip of ethernet interface.

So for SGS, we have all public ip networks on the outside and also being used on the inside servers and clients.

Objective:
We want to pass all these PUBLIC ips with original ports transparently throught the SGS.
Can SGS route all these networks transparently both-ways using Address Transform or routing or some other method?

Do you see any problem with routing for this setup?

How to use Forwarding Filter for this objective?

Thanks.
Waseem
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Shimon Silberschlag: "[fw-wiz] Multiple firewalls from different manufactureres"

Previous message: Victor Williams: "Re: [fw-wiz] Double firewall setup (long)"
Next in thread: firewall-wizards_at_honor.icsalabs.com: "Re: [fw-wiz] SGS5400 transparent installation with PIX"
Maybe reply: firewall-wizards_at_honor.icsalabs.com: "Re: [fw-wiz] SGS5400 transparent installation with PIX"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]