If you have a registered set of IP numbers that your ISP can route to there is no need to change them or to use the NAT features of the firewall. However, if you are using numbers registered to another organization then it would be best to change them or it may cause some difficulting when trying to route externally.
For example, many people use to set up their Sun systems with Sun IP addresses because the installation guide used Sun addresses as examples. When these systems attempted to access the Sun site on the Internet the routers assumed the network was internal and therefore did not send the packets to the internet gateway. The problem was so common that Sun modified their documentation and inserted and prominent warning notice telling people NOT to use the sample address but to use an address supplied by their ISP.
You may also find issues with trying to route a registered address with some ISPs. Many ISPs have blocks of addresses assigned to them and configure their routers to only accept and route traffic destine to those addresses. If this is the case, you will can continue to use your registered addresses internally without any problem but you will need to use the NAT feature of your router to translate traffic go though your ISP to an address or addresses they assign you.
-- Bill Stackpole, CISSP
"d d" <desaweb22@hotmail.com> Sent by: firewalls-admin@lists.gnac.net
07/22/2001 05:09 PM
To: firewalls@lists.gnac.net
cc:
Subject: Local IP address?
Hi:
I have my LAN conected to internet via a PIX 515 Firewall, but i dont use
reserved private IP address in may LAN, that is i dont have 192.168.x.x IP
addreess type, i want to know if is important to CHANGE my IP addressing to
the reserved LAN IP ??
Thanks
Desa
_________________________________________________________________
Descargue GRATUITAMENTE MSN Explorer en http://explorer.msn.es/intl.asp
_______________________________________________
Firewalls mailing list
Firewalls@lists.gnac.net
http://lists.gnac.net/mailman/listinfo/firewalls