Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Secondary IP address on PIX ethernet interface

Thread Tools

Secondary IP address on PIX ethernet interface
Posts: n/a
Hi All,

I have tried to assign secondary IP address on Cisco ASA's box
interface, and find out that this facility is not supported. After
trying to find a trick to go around this limitation, I found out that
this could be achieved by employing trick that depends on Proxy-ARP
facility the following way:

1. Define a static ARP table entry with the secondary IP address, which
you want to assign to the interface, with MAC address of the Ethernet

2. Enable proxy ARP for this entry on the ASA box.

3. Add routing entry, on the ASA, to the subnet of the secondary IP
address, making the Ethernet interface acting as a gateway for this
subnet (you may try remove this step, it might work without it).

Now, you can use this new secondary IP address as a gateway for
workstation with IP from the new subnet to go through the ASA box.

- you might be able to achieve this approach by implementing the static
ARP entry, with same values, on the workstation that requires using the
secondary IP address for ASA's Ethernet; leaving the ASA with the
mentioned routing table entry only.
- I think that this trick will work on PIX firewall also.



Reply With Quote
Mark Williams
Posts: n/a
Couldn't you also accomplish the same thing by using 802.1Q
encapsulation on the Etnernet interface, and creating two

Reply With Quote
Posts: n/a
Actually, what had driven me to do this thing is that I did not have a
VLAN capable switch then I had to accomplish the configurations and
start testing the related software. I used this trick as temporary

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
secondary IP address in an Interface adanteg Cisco 0 10-03-2007 06:01 AM
Re: Use router ethernet interface as a layer 2 ethernet port Cisco 0 11-25-2006 08:55 AM
static nat between phisical interface and virtual interface on same ethernet Andrea Cisco 0 04-19-2004 09:37 AM
Secondary ip on PIX interface Raymond Doetjes Cisco 3 04-07-2004 12:09 AM
Can 803 (ISDN-ethernet) work ethernet-ethernet? Peter Cisco 2 12-11-2003 11:24 PM