Newbie multi-homed routing question

  • I have a cisco ADSL router that has multiple static ip addresses assigned to the dialer (ppp) interface.  I then use NAT to expose internal services.  I am using cisco ACL's to firewall traffic.  The relevant snipped from my configuration:

    interface Dialer0
    ip address xx.xx.xx.8 secondary
    ip address xx.xx.xx.9 secondary
    ip address xx.xx.xx.10 secondary
    ip address xx.xx.xx.11 secondary
    ip address xx.xx.xx.12 secondary
    ip address xx.xx.xx.7

    ip nat inside source list 2 interface Dialer0 overload
    ip nat inside source static tcp 22 xx.xx.xx.10 22 extendable

    I am concerned that my setup is not very secure and I have bought an ALIX to run pfsense.  I would like to know the best setup for this portion of my network.  I'm quite a beginner to cisco ios.

    As I see it some options are:

    1. reconfigure my cisco router to give the xx.xx.xx.8-12 static addresses to pfsense and have pfsense multi-homed
    2. keep my cisco configuration and have pfsense in my internal network.  Both cisco and pfsense will provide NAT to expose internal services.

    Are these options sensible?  Do I have any other options?

    Many thanks in advance,


Log in to reply