Isto pode ser conseguido por arping de proxy no Cisco PIX / ASA.
Eu não fiz isso sozinho, mas acredito que seja fácil e direto. Veja este tópico e this link .
Do link externo:
Let’s see what trick we can use to overcome this stupid limitation: we will be using the Proxy-ARP facility in order to respond for another IP requests on the same ethernet interface, without actually bringing it up. In my example I will be using eth0/1 and the ‘inside’ vlan, vlan1 with an existing ‘main’ ip range configured: 192.168.0.1/24; I will add another ip 192.168.1.1 so hosts from this range will also work behind the ASA: first find out the mac address of the ethernet interface you will be using. sh interface Ethernet0/1 this should show you the MAC address of the network interface. force this arp address on the internal vlan: interface Vlan1 mac-address 0019.0726.xxxx nameif inside now let’s define a static arp entry for the IP we want to use as secondary, using the same mac address as the one from above, and enable proxy ARP on it: arp inside 192.168.1.1 0019.0726.xxx alias you can verify this is working properly using the show arp command that should return you the ip and mac address, like this: sh arp inside 192.168.1.1 0019.0726.xxx alias ... at this point any system on the local interface can use the ip as its default gateway and it will work just fine. We just need to ensure that return packets are coming back to the source, and this means we have to add a static route for this network on the inside interface (pointing to the main ip of the interface, let’s say 192.168.0.1 in my case): route inside 192.168.1.0 255.255.255.0 192.168.0.1 1 also we need to ensure that traffic is allowed between the same interface hosts, and same level of security interfaces: same-security-traffic permit inter-interface same-security-traffic permit intra-interface and you probably want to be sure that access lists will allow the traffic from/to the newly added network. That’s it…
atualizar
Eu encontrei uma configuração antiga para um Cisco ASA onde eu tinha 1.2. 198 .224 / 28 e 1.2.199. 224 / 28, e acontece lá Não há configuração para esta segunda rede (.199.224 / 28), além das listas de acesso e regras nat. Eu ficaria feliz em masq a configuração e dar-lhe talvez seja muito tempo para postar aqui.