Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Changing network IP address scheme - Newbie here

Status
Not open for further replies.
bobbybryant

bobbybryant

MIS
Jul 23, 2004
6
US
We have a client that we are going to create a VPN between our 2 offices through PIX firewalls. Their PIX is already set up for their use, but we need to change their network address scheme prior to setting up the vpn. We need to change the ip's on all machines and anything else in about 1.5 hours (we could take longer, but the network should not be down from the Internet > 1.5 hrs). Can someone point me in the right direction for what changes to look for in their current config to ease the process? Any suggestions will be appreciated. I am new with PIX's, so I'm not sure where to find the info I need. Thanks.
 
Sort by date Sort by votes
Kind of a vague description...

Why are you changing their IP scheme?

When you say they arlready are setup for vpn, are you talking about accepting connections from vpn clients, or site-site vpns?

Are you just wanting to know how to change the IP on the PIX?

Thanks,
Michael
 
Upvote 0 Downvote
They are using an ip scheme that is included in our network. That is why we are changing. When I said the pix is set up for their use, that is b/c there is not a vpn currently set up. That is our goal after changing their ip scheme. So, initially, we will change their ip scheme and make pix changes to allow their network to work as it currently does now. Then, after that is set up, we can tackle the VPN. Hope that helps! Any more suggestions will be appreciated.
 
Upvote 0 Downvote
Depending on the number of devices with static ip configuration, changing your scheme is pretty easy. Plan on doing it over the weekend. Someone should be at that remote site that has access to every device.
During the period prior to the change, shorten your DHCP lease interval down to less than a day, so that every machine using DHCP will be expired come that weekend. Then on the weekend of the change, modify the static hosts, change the firewall, change the DHCP scope, modify the internal DNS. Pretty quick and painless if you only have a few static devices. The major catch will be if they are using hard coded IP address for any applications/configurations. If they do, you are in for some anguish.


There is a way to have overlapping subnets, but things might get more complicated doing that way.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
692
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
815
Johnkite
Johnkite
ciscokid1984
  • Locked
  • Question
Watchguard RDP from external network
Replies
1
Views
351
hairlessupportmonkey
hairlessupportmonkey
acabezas2014
  • Locked
  • Question
Configuring ASA for Network Segmentation
Replies
1
Views
410
acabezas2014
acabezas2014

Part and Inventory Search

Sponsor

Back
Top