public ip addresses and link address /30

Reply
Highlighted
L0 Member

public ip addresses and link address /30

Hi, 


I have a question regarding public interface configuration. ISP gave me /30 link network address space and /28 public IP address pool. Can you suggest me best way to configure this public address on PA. Should I use virtual wire, loopback interface or can I assign /28 address pool as VLAN on interface.


Thank you for replay

Highlighted
Cyber Elite

Hi @patux80 

 

On the external interface pointing towards the ISP you have to use one address of the /30 subnet. With the other 16 addresses you can then do whatever you want:

  • Use one or more single (/32) addresses for loopbackinterfaces which you use for global protect or IPSec VPN for example
  • Use these addresses with NAT rules to make internal/DMZ servers publicly available
  • Create a DMZ zone where you place servers that will get IPs of this public /28 subnet
  • Split the /28 in 2 /29 and use one for a DMZ and the others for NAT
  • ...

Hope this helps.

 

Regards,

Remo

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!