Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Secondary IP address on PIX ethernet interface

Reply
Thread Tools

Secondary IP address on PIX ethernet interface

 
 
russlank@gmail.com
Guest
Posts: n/a
 
      04-25-2006
Hi All,

I have tried to assign secondary IP address on Cisco ASA's box
interface, and find out that this facility is not supported. After
trying to find a trick to go around this limitation, I found out that
this could be achieved by employing trick that depends on Proxy-ARP
facility the following way:

1. Define a static ARP table entry with the secondary IP address, which
you want to assign to the interface, with MAC address of the Ethernet
interface.

2. Enable proxy ARP for this entry on the ASA box.

3. Add routing entry, on the ASA, to the subnet of the secondary IP
address, making the Ethernet interface acting as a gateway for this
subnet (you may try remove this step, it might work without it).

Now, you can use this new secondary IP address as a gateway for
workstation with IP from the new subnet to go through the ASA box.

Notes:
- you might be able to achieve this approach by implementing the static
ARP entry, with same values, on the workstation that requires using the
secondary IP address for ASA's Ethernet; leaving the ASA with the
mentioned routing table entry only.
- I think that this trick will work on PIX firewall also.

Regards,

Russlan

 
Reply With Quote
 
 
 
 
Mark Williams
Guest
Posts: n/a
 
      04-26-2006
Couldn't you also accomplish the same thing by using 802.1Q
encapsulation on the Etnernet interface, and creating two
sub-interfaces?

 
Reply With Quote
 
 
 
 
russlank@gmail.com
Guest
Posts: n/a
 
      04-27-2006
Actually, what had driven me to do this thing is that I did not have a
VLAN capable switch then I had to accomplish the configurations and
start testing the related software. I used this trick as temporary
solution.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
secondary IP address in an Interface adanteg Cisco 0 10-03-2007 06:01 AM
Re: Use router ethernet interface as a layer 2 ethernet port Bod43@hotmail.co.uk Cisco 0 11-25-2006 08:55 AM
static nat between phisical interface and virtual interface on same ethernet Andrea Cisco 0 04-19-2004 09:37 AM
Secondary ip on PIX interface Raymond Doetjes Cisco 3 04-07-2004 12:09 AM
Can 803 (ISDN-ethernet) work ethernet-ethernet? Peter Cisco 2 12-11-2003 11:24 PM



Advertisments