nuclearsnake
Limp Gawd
- Joined
- Mar 8, 2003
- Messages
- 445
Hi everyone,
I work for a company who are going to be splitting our office into two seperate companies and will need to split the one network as well with a shared DMZ for the equipment that belongs to both companies. The problem we have is with our ISP/consultants.
Back story: We currently have 10/10 fiber internet access with a /28 block (let's call it 111.222.50.96/28, It's default gateway is the .97 and our Netscreen25's 'untrust' interface is at 111.222.50.98.
We have some systems located on the .100 and .101 for web and email and the like using MIPs (Mapped IP Address) into our DMZ.
Now here's the problem that just came up. Over the last two or 3 weeks I was in contact with our ISP to provide us with another set of 16 public IPs which I was planning on using with a 2nd Netscreen device for the other company. The plan was to place a switch above both Netscreens, and assign 16 (technically 14) IPs to each netscreens.
Today I received the 2nd block of IPs (111.222.50.16/28) but they gave my the default gateway of .97 to use meaning they expected me to use these other IPs with the 1st netscreen or place one netscreen behind the other one...
They then told me what I was asking for is impossible and they would need to charge me for a whole new circuit.![Confused :confused: :confused:](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
1) Without knowing how their network was setup, how must BS are they talking
2) What can I do to get around this without hacking and patching things to work. Putting one NS behind the other is not allowed.![Mad :mad: :mad:](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
I work for a company who are going to be splitting our office into two seperate companies and will need to split the one network as well with a shared DMZ for the equipment that belongs to both companies. The problem we have is with our ISP/consultants.
Back story: We currently have 10/10 fiber internet access with a /28 block (let's call it 111.222.50.96/28, It's default gateway is the .97 and our Netscreen25's 'untrust' interface is at 111.222.50.98.
We have some systems located on the .100 and .101 for web and email and the like using MIPs (Mapped IP Address) into our DMZ.
Now here's the problem that just came up. Over the last two or 3 weeks I was in contact with our ISP to provide us with another set of 16 public IPs which I was planning on using with a 2nd Netscreen device for the other company. The plan was to place a switch above both Netscreens, and assign 16 (technically 14) IPs to each netscreens.
Today I received the 2nd block of IPs (111.222.50.16/28) but they gave my the default gateway of .97 to use meaning they expected me to use these other IPs with the 1st netscreen or place one netscreen behind the other one...
They then told me what I was asking for is impossible and they would need to charge me for a whole new circuit.
1) Without knowing how their network was setup, how must BS are they talking
2) What can I do to get around this without hacking and patching things to work. Putting one NS behind the other is not allowed.