DSL network - PPoE Question

My expertise in the PPOE area is lacking.

I have a network (DSL) that is managed (NAT, etc) by a SonicWall TZ170
firewall. As a part of my business, I am often required to run security
scans using Nmap, Nessus, etc against client networks. When I had my
non-stateful Linksys router in place I could scan at whatever speeds my
client networks required. However, the stateful firewall Sonicwall device
has a limit of 6,000 connections and it's killing my ability to effectively
scan - even at the Nmap "paranoid" rate (which doesn't limit total
connections - just simultaneous connections to a single host or target).

My question is:

If I obtain a second static IP from my provider, can I place a hub outside
of my firewall (direct to the DSL modem) and have both the firewall and a
separate PC connected to that hub - each utilizing one of the static IP's?
That way I can run my scans and not be limited by the firewall's connection
limitation, but still keep my main network protected. I'm trying to figure
out if PPoE can run on 2 separate client machines each pulling in a
different IP. My gut tellms me it's not possible.

If so, can an ISP that utilizes PPoE also somehow support a true static IP
address? I can't talk to them until tomorrow and am anxious to get other
insight first..

Thanks..




JDB

JDB wrote:
> If I obtain a second static IP from my provider, can I place a hub
> outside of my firewall (direct to the DSL modem) and have both the
> firewall and a separate PC connected to that hub - each utilizing one
> of the static IP's? That way I can run my scans and not be limited by
> the firewall's connection limitation, but still keep my main network
> protected. I'm trying to figure out if PPoE can run on 2 separate
> client machines each pulling in a different IP. My gut tellms me
> it's not possible.

I don't see why this shouldn't be possible. PPPoE just requires a login id
and password. I'm sure multiple simultaneous logins should be supported.

> If so, can an ISP that utilizes PPoE also somehow support a true
> static IP address? I can't talk to them until tomorrow and am
> anxious to get other insight first..

A true static address? I don't think so, but PPPoE-assigned address that
never changes, is possible. In fact, I once had such a PPPoE address a
couple of years ago.

Yousuf Khan

"JDB" <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> My expertise in the PPOE area is lacking.
>
> I have a network (DSL) that is managed (NAT, etc) by a SonicWall TZ170
> firewall. As a part of my business, I am often required to run security
> scans using Nmap, Nessus, etc against client networks. When I had my
> non-stateful Linksys router in place I could scan at whatever speeds my
> client networks required. However, the stateful firewall Sonicwall device
> has a limit of 6,000 connections and it's killing my ability to effectively
> scan - even at the Nmap "paranoid" rate (which doesn't limit total
> connections - just simultaneous connections to a single host or target).
>
> My question is:
>
> If I obtain a second static IP from my provider, can I place a hub outside
> of my firewall (direct to the DSL modem) and have both the firewall and a
> separate PC connected to that hub - each utilizing one of the static IP's?
> That way I can run my scans and not be limited by the firewall's connection
> limitation, but still keep my main network protected. I'm trying to figure
> out if PPoE can run on 2 separate client machines each pulling in a
> different IP. My gut tellms me it's not possible.
>
> If so, can an ISP that utilizes PPoE also somehow support a true static IP
> address? I can't talk to them until tomorrow and am anxious to get other
> insight first..
>
> Thanks..

I don't know what version of SonicOS you have, but you could try using the DMZ.