Hi,

I got a setup proposed for a firewall and DMZ.
But there was one concern: All PC's have a static IP and they didn't
want to change that. So the following *thing* was made.

Situation:
One IP range: 10.9.1.1-254
Router to internet: 10.9.1.1
Public NIC Firewall: 10.9.1.2
DMZ NIC: 10.9.1.50
DMZ hosts: 10.9.1.51-59
Private NIC Firewall: 10.9.1.254

Please help me to convince them that IP adresses have to be changed,
or things will never be safe behind the firewall.

Or can this situation be secured with proper subnetting? (I doubt
that)

Kind regards,

Arjan