Hi, I am currently configuring a PIX 515E to replace our Linux/IPTables based firewall. This is my first experience with a PIX. On our Linux Firewall I have 3 NIC's, 1 connected to external router, 1 into DMZ switch and 1 into the internal network. On our Linux box I assigned an IP from our external subnet, say 100.100.100.86/29 for example to both the external NIC and the DMZ NIC. Then I would delete the 100.100.100.80/29 route on the external NIC and add a route on the external NIC such as: route add 100.100.100.81 dev eth2 <.81 is the Internet router> So the external NIC knows how to get to our Internet router, the DMZ NIC knows that the DMZ subnet hangs off it. Then I enable Proxy ARP so that the external NIC answers ARP requests for the DMZ IP's so that the Internet router can communicate with them. I've hit a wall with the PIX at the moment as it does not seem to like me assigning the same IP address/subnet to more than 1 ethernet port. If anyone has any suggestions it would be much appreciated. TIA, Dan
