Is it possible to assign multiple external IP addresses to the external interface of a PIX 501?
We have a /24 allocated to us, and at the moment our backend firewall (ISA Server) has several public IPs bound to its external NIC and rules that map each external IP to an internal private IP address, ie:
Public IP 1 - Internal Private IP 1 - Port 80 Public IP 2 - Internal Private IP 2 - Port 80 Public IP 3 - Internal Private IP 3 - Port 25
The only "smart" functionality we use on the ISA is its means of allowing outbound Internet access by domain user account. I may be looking at getting a dedicated appliance such as a Blue Coat to control outbound access for users (due to its filtering and anti-spyware abilities) which would leave me needing something to control outbound access on an IP level through normal
"source - destination - protocol - action"
Style rules. I've been looking at various open source things such as m0n0wall and whilst they will all do it, I think I'd prefer an appliance.
I appreciate this is a Cisco oriented group but if anyone reading this happens to have any knowledge of the Fortinet products I'd be interested as they appear to do this sort of thing and seem keenly priced.
cheers, Paul