pix global pool question: any advice or documentation ?

From: Kurt Kruegel (kurt@cybernex.net)
Date: Wed Dec 15 2004 - 14:12:03 GMT-3


anyone have a good link on using the pix global pool ?

here's the scenario
pix using a global pool spanning multiple subnets.
such as (example)
real addresses actually used

global (outside) 1 172.16.1.1-172.16.10.253
global (outside) 1 172.16.10.254

problem is that .0 and .255 addresses get used in the pool.
not a big problem it seems 99% of the time.
but m$soft seems to be blocking classful network and broadcast addresses from their web servers.
i.e. when someone gets a .0 or .255 from the pool they can't get to m$soft.

is there a way i can exclude network (and broadcast)
addresses from the global pool ?
i think i remember reading that you can supply a network and mask in the global pool
instead of listing as a flat pool of addresses, but i can't seem to find it.

kurt
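
One way to keep .0 and .255 addresses out of the pool using only the range syntax shown in the message is to split the flat range into one range per /24. This is an added example, not part of the original post; the function names and the choice of a /24 boundary are assumptions.

```python
import ipaddress

def split_pool(start, end, prefix=24):
    """Split start-end into sub-ranges that skip the network (.0) and
    broadcast (.255 for /24) address of every /prefix block it crosses."""
    lo = int(ipaddress.IPv4Address(start))
    hi = int(ipaddress.IPv4Address(end))
    if lo > hi:
        raise ValueError("start address is above end address")
    if not 8 <= prefix <= 30:
        raise ValueError("prefix must leave at least two usable hosts")
    size = 1 << (32 - prefix)          # addresses per block
    base = lo - (lo % size)            # network address of the first block
    pieces = []
    while base <= hi:
        first = max(lo, base + 1)          # never below the first host
        last = min(hi, base + size - 2)    # never above the last host
        if first <= last:
            pieces.append((ipaddress.IPv4Address(first),
                           ipaddress.IPv4Address(last)))
        base += size
    return pieces

def global_lines(start, end, if_name="outside", nat_id=1, prefix=24):
    """Render each piece in the 'global (if) id start-end' form used in the post.
    Assumption: a one-address piece is still written as a range; check how
    the PIX version in use treats it before applying."""
    return [f"global ({if_name}) {nat_id} {a}-{b}"
            for a, b in split_pool(start, end, prefix)]

def pool_size(start, end, prefix=24):
    """Number of usable addresses left after the split."""
    return sum(int(b) - int(a) + 1 for a, b in split_pool(start, end, prefix))

if __name__ == "__main__":
    # The range from the message; the separate single-address line is left as is.
    for line in global_lines("172.16.1.1", "172.16.10.253"):
        print(line)
    print("usable addresses:", pool_size("172.16.1.1", "172.16.10.253"))
```

For the range in the message this yields ten `global` lines and drops the eighteen .0 and .255 addresses that the flat range includes.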



This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:27 GMT-3