Firewall subinterface

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Firewall subinterface

L1 Bithead

Greetings,

   i have some doubts in configuring sub interface. i have eth1/1 (physical interface)ip-10.0.2.1 now for some testing i want to configure a sub interface for eth1/1 with same subnet like 10.0.2.2 and without vlan tag.

will this work ??? 

can i have same network on both physical and sub interfaces ??

what should i be aware of????

1 accepted solution

Accepted Solutions

L3 Networker

Hello @pyrainath, I would like to highlight two important considerations regarding this scenario:

  1. To create a subinterface, it is necessary to establish a VLAN in the configuration.
  2. Having two IPs from the same subnet on different interfaces or subinterfaces is not permissible.

Regards

Jorge Pomachagua
PCNSE, PCNSC.

View solution in original post

5 REPLIES 5

L3 Networker

Hello @pyrainath, I would like to highlight two important considerations regarding this scenario:

  1. To create a subinterface, it is necessary to establish a VLAN in the configuration.
  2. Having two IPs from the same subnet on different interfaces or subinterfaces is not permissible.

Regards

Jorge Pomachagua
PCNSE, PCNSC.

greetings,

Thank you so much for the information.....

hello Jpomachagua,

The thing is we are borrowing bandwidth from another dept in my company .so they have a firewall. they give us some private ips and we configured that ip on one interface for example 10.x.x.1/29 and they map this ip with a public ip for our vpn connection. they have already mapped another public ip with 10.x.x.2/28 and this private ip is not yet configured on our firewall. now we have a requirement to host a webserver so we were hopping that we could dnat through 10.x.x.2/28. in order to do that we need to configure that ip on our firewall thats why we hope sub interface will do that job.

1.can you give any other suggestion to make this work. ?

2.what will actually happen if we configure two IPs from the same subnet on different interfaces or sub interfaces?

 

PREVIEW
 

Hello Pyrainath

 

An option is to set up two IPs on the same interface. The first IP, for instance, could be 10.10.10.1/29, and the second IP could be 10.10.10.2/32. This approach allows you to manage two IPs without the need to create a subinterface.

 

Regards

Jorge Pomachagua
PCNSE, PCNSC.

Thanks again Jpomachagua,

 

so i have already configured the ip 10.10.10.1/29 on the physical interface eth1/1. so like u said i hope to configure the ip 10.10.10.2/32 on a loopback interface, will this work in my situation? 

  • 1 accepted solution
  • 1585 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!