Non-contiguos subnets on the 'outside' PIX interface

Discussion in 'Cisco' started by Dan Charlesworth, Sep 6, 2004.

  1. Good morning,

    Our ISP has recently assigned a second , non-contiguous block of public IP
    addresses to our connection.

    We are having difficulty using any of the new addresses through the PIX. I
    have verified that the addresses function by hanging a notebook on the
    outside of the PIX and testing the functionality of the new addresses, with
    no problem.

    All the original IP addresses function, but when we try to use a STATIC to
    allow traffic to pass through the PIX using one of the new addresses, it
    does not function. It is as if the PIX is not responding to the ARP requests
    for the new address range.

    I have contacted Cisco TAC and they insist that everything is configured
    correctly, and that it must be an ISP routing problem (which I have proven
    that it is not).

    I get the feeling that there is something fundamentally wrong with what they
    are telling me to do......

    Any assistance would be greatly appreciated.

    Dan
    Dan Charlesworth, Sep 6, 2004
    #1
    1. Advertising

  2. Dan Charlesworth

    Rik Bain Guest

    On Mon, 06 Sep 2004 10:28:59 -0500, Dan Charlesworth wrote:

    > Good morning,
    >
    > Our ISP has recently assigned a second , non-contiguous block of public
    > IP addresses to our connection.
    >
    > We are having difficulty using any of the new addresses through the PIX.
    > I have verified that the addresses function by hanging a notebook on the
    > outside of the PIX and testing the functionality of the new addresses,
    > with no problem.
    >
    > All the original IP addresses function, but when we try to use a STATIC
    > to allow traffic to pass through the PIX using one of the new addresses,
    > it does not function. It is as if the PIX is not responding to the ARP
    > requests for the new address range.
    >
    > I have contacted Cisco TAC and they insist that everything is configured
    > correctly, and that it must be an ISP routing problem (which I have
    > proven that it is not).
    >
    > I get the feeling that there is something fundamentally wrong with what
    > they are telling me to do......
    >
    > Any assistance would be greatly appreciated.
    >
    > Dan


    What version of PIX? There were a couple of releases (6.3.1 and 6.3.2
    IIRC) that would not proxy arp for an address that was not in the
    interfaces subnet.

    Rik Bain
    Rik Bain, Sep 6, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page