Todd Bertolozzi wrote:
Reading Wayne Tuckers response to you makes sense. It's been a while since I've been heavily involved with the total controls and we always used public ip space, but what about using proxy-arp on the hiperarc?
Anyone on the list have any comments regarding doing it this way? I believe it will work for you. Enable proxy-arp and let the hiper arc do the "routing" from public to private space. I could be totally off base and I don't have any test chassis's at the moment to play with but you could give it a try unless someone else has a different suggestion.
Proxy ARP allows you to use IP addresses from the LAN's network range in the pool. For instance, if the IP address on the HiperARC was 10.0.0.2 with a network mask of 255.255.255.0 (/24) and was routing through a router at 10.0.0.1, you could use 10.0.0.3 through 10.0.0.254 as the IP pool in the HiperARC. Enabling proxy arp tells the ARC to respond with its MAC address to any ARP requests for IP addresses in its pool. The alternative is to have a different network range as the pool (say, 10.0.1.0/24) which would be reached through a static route that you would have to program into the gateway router. Neither of these would make a difference in this situation since the problem with private IP addresses isn't reaching them from within your network, it's reaching them from the outside. - Wayne -- Wayne A. Tucker IT and Network Operations Manager wtucker@donobi.com DONOBI, Inc. <http://www.donobi.com/> +1-360-782-4477 "The Internet Solutions Company"