In a word yet it can. Just assign the internet site of the firewall the ip-addresses you need as aliases.
I do this (have have done this for well over 6 years) -- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 > -----Original Message----- > From: Todd Ritter [mailto:[EMAIL PROTECTED] > Sent: 22 November 2005 20:14 > To: [email protected] > Subject: [gb-users] Two Public Networks - One Provider > > I was hoping the Gnatbox gurus out there could help me solve this problem, > which I think is solvable. > > > > We currently have a SONET connection that gives us an Ethernet handoff > that > is plugged into our Cisco Router. The Cisco router is plugged into our > Gnatbox 1000. The Gnatbox is plugged into our network switch. I don't > see > a reason to keep the Cisco router in place, but I'm having difficulty > wrapping my head around the IP addressing/routing with the firewall. > There > are 2 sets of public IP's involved, and 1 private scheme (192.168.1.0/24). > Our external router address is assigned an IP in the range of our service > provider: X.X.8.14/30, and the internal interface on our router is > assigned > an IP that is in the range of our public subnet assigned to us by our > provider from ARIN: X.X.50.65/28. The external interface on our gnatbox > is > X.X.50.66/28. Can the gnatbox route between all 3 networks even though > only > 2 network interfaces on the firewall would have physical connections? > > > > -I want tunnels from outside users to go to our assigned subnet > (X.X.50.64/28) to go to private servers like they do now. > > -I want our private workstations to be able to access all our servers by > private IPs like they can now > > > > I'm not sure if this is possible, but it doesn't seem to me like our > router > is doing anything for us. Although, how does the rest of the world know > where our X.X.9.64/28 address are without a router? RIP on the firewall? > I > assume I need to use a PSN somehow, but it seems like it would cause > problems with our static VPN connection that uses an IP from our range > (X.X.50.66), so I would want to be able to keep that for the VPN object. > And I have some "special" users mapped to our external IP's (in the > X.X.50.64/28 range) for outbound VPNs to clients that I still need to use. > > > > Please see this picture for a drawing of what I'm trying to explain: > http://www.westfaliausa.com/proposed.jpg > > > > I hope this makes some sense, and I really appreciate any help/thoughts > that > you can provide. > > > > > > -- > > Todd > > Tritter_at_westfaliausa_dot_com > > ------------------------------------------------------ > To unsubscribe: [EMAIL PROTECTED] > For additional commands: [EMAIL PROTECTED] > Archive: http://archives.gnatbox.com/gb-users/ ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote confirms that this email message has been swept for the presence of computer viruses and is believed to be clean. ********************************************************************** ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
