SGS5400 transparent installation with PIX

["Muhammad Waseem" <mwaseem () roottech com pk>]

Hi,

I have SGS5440 with software version 2.0.1 and update patches installed.
The scenario is a unique one, and I want if someone can give some hint on this.

Scenario:
I have SGS between outside router and PIX Firewall which is actually doing all nat'ing and contraols internal ips. So 
practially SGS has all the public ips on inside and outside. The details are as follows.

We have four networks like this, and these all subnets are configured on

router and pix. ( SGS is between Pix and outside Router)



Network                      Subnet             Host Range
 
202.125.150.0    255.255.255.0  202.125.150.1- 202.125.150.254

202.125.152.192          255.255.255.192        202.125.152.193- 202.125.152.254

203.135.39.32   255.255.255.240          203.135.39.33 - 203.135.39.46

203.135.6.208    255.255.255.248         203.135.6.209 - 203.135.6.214





We have given following ips to SGS

Inside interface   202.125.152.222   255.255.255.192

outside interface 202.125.150.218   255.255.255.0



PIX outside ip (connected to SGS inside interface) is 202.125.152.253

Router Secondary ip (connected to SGS outside interface) is 202.125.150.254

Router also has 202.125.152.254 as primary ip of ethernet interface.

So for SGS, we have all public ip networks on the outside and also being used on the inside servers and clients. 


Objective:
We want to pass all these PUBLIC ips with original ports transparently throught the SGS.
Can SGS route all these networks transparently both-ways using Address Transform or routing or some other method?

Do you see any problem with routing for this setup?

How to use Forwarding Filter for this objective?

Thanks.
Waseem
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards