Hello forum members and experts,
I need to use an additional Public IP block of /29 over /30 transport block. Since this /29 block wont be assigned to any interface, but will just be used on VIPs to map to the inside servers, and thus no L2 / ARP on this block, I should be able to use all 8 IPs (not just 5) since there should be no concept of network ID, gateway and broadcast address when routed thru a static route by ISP to the /30 IP on my firewall WAN port?
Can someone please confirm this?
Thanks
The same question pops up time to time in the forum. The answer is "yes".
Thank you so much Toshi Esumi for confirming my logic. I did spend time to search thru this forum as well as did Google search but I did not find specific question and specific response to it. Most will talk that yes this is standard practice to route over the transport block and that you then assign one IP address for gateway to LAN interface of the edge router and then have the firewall WAN attached to that interface of the router. Those used to be the traditional method years ago and what I wanted was to terminate the /30 and /29 directly on the firewall.
Appreciate again for your quick response and confirmation.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.