public ip addresses and link address /30

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

public ip addresses and link address /30

L0 Member

Hi, 


I have a question regarding public interface configuration. ISP gave me /30 link network address space and /28 public IP address pool. Can you suggest me best way to configure this public address on PA. Should I use virtual wire, loopback interface or can I assign /28 address pool as VLAN on interface.


Thank you for replay

1 REPLY 1

L7 Applicator

Hi @patux80 

 

On the external interface pointing towards the ISP you have to use one address of the /30 subnet. With the other 16 addresses you can then do whatever you want:

  • Use one or more single (/32) addresses for loopbackinterfaces which you use for global protect or IPSec VPN for example
  • Use these addresses with NAT rules to make internal/DMZ servers publicly available
  • Create a DMZ zone where you place servers that will get IPs of this public /28 subnet
  • Split the /28 in 2 /29 and use one for a DMZ and the others for NAT
  • ...

Hope this helps.

 

Regards,

Remo

  • 2616 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!