Hi
Comcast has provided us with EDI service consisting of one /30 network to connect to the internet and a /25 for our additional Public IP addresses.
One approach would be to use a basic router with one port connected to the /30 network and do a simple layer 3 route to the /25 network.
The second approach (i am not sure this is possible) would be to use a Sophos XG firewall with the /30 network as the LAN connection, our internal net work as the LAN connection and on a DMZ connection have the /25 with only layer 3 routing between the /30 and the /25 (public IP) (no connectivity to the LAN).
The layer 3 connectivity to the /25 public should be with no NAT or other firewall features, and the Public IP address on the /25 should be the address seen by the public internet, and function as if directly connected to the internet.
Connections to the /25 will be used for other routers and or equipment designed to be connected directly to the internet.
If using the second approcch utilizing a Sophos XG firewall is a good solution which model would be the best fit considering both performance and price?
If the first approach would be the best choice what XG model would you recommend.
Any recommendations and help greatly appreciated.
Chris
Edited TAGs
[edited by: Erick Jan at 2:23 PM (GMT -7) on 27 Aug 2024]
