FW: [nsp] Cisco 1720 or above Firewall using DHCP outside

Everett Dowd edowd at cox.net
Thu Nov 20 18:42:31 EST 2003

Instead of using static routes, you may want to see if your provider is
providing the default route in the DHCP request. Many times this is the case
and you shouldn't have to have any statics for the default route. 

Unless you have services inside your private network, this method works fine
with CBAC. I've been doing this exact thing since 12.2. Just let things in
that you need and kill everything else...

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Chad Lander
Sent: Thursday, November 20, 2003 3:42 PM
To: 'cisco-nsp at puck.nether.net'
Subject: [nsp] Cisco 1720 or above Firewall using DHCP outside

Is it possible to use a 1720 or something in the 2600 range in a dual
Ethernet environment?


Outside is a DHCP DSL router w/ no static IP.


Inside is a static 10.0.0.x network.


The DSL provider doesn't give statics so every time the IP changes I have to
rewrite the config.

Does Cisco make a product (IOS) that takes in a DHCP address and rewrites
the firewall config on the fly to the new address?


I've tried the 12.1 and 12.2 IOS, and haven't been able to get a 12.3 IOS to
try...am I wasting my time?


Thanks for your consideration

Chad Lander


1-218-336-1000 x 135

cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list