Re: forwarding on the same NIC


 



alucard@xxxxxxxxx wrote:
mmm not at all, it's a cisco router for one of the t1's for the company I
work for.

Hm, doesn't change much in the whole picture. What you'll need to do depends much on how much you are allowed to change (and you'll have to change something, there's no way around it). If you are allowed to change internal IP address on Cisco, then you can use your Linux box as router/firewall for internal network (as per diagram I sent earlier). That would move Cisco out of your internal network (good thing (tm) since you don't control it, and obviously you are not very keen on the person who does have control over it), and then you can do close to about anything you desire.


BTW, one stupid question, you did set ip_forwarding to 1 on Linux box, right? As I recall, it defaults to 0 (either in kernel, or startup scripts in various distributions set it to 0, not sure).

What John just suggested with virtual interfaces will also work. But with only one physical interface you must be careful about ICMP redirects. Your Linux box is going to start spitting them out as soon as it detects two networks on same wire, unless you specifically tell it not to do that. If Cisco and Web2 boxes are set to obey them (bad thing (tm)), they'll just start talking directly to each other. Been there, done that.

Anyhow, whatever you choose to do, I would strongly recommend having two separate wires. One for your internal network, and another for outside world. And since you don't have control over Cisco, it boils down to two NICs in your Linux box or two NICs in your Web box.

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
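
The two settings raised in the message above (forwarding switched on, ICMP redirects switched off on a one-NIC router) can be checked with the following script, which is an added example and not part of the original post. The interface name `eth0` and the overridable `ROOT` argument are assumptions for illustration; the kernel sends redirects on an interface if either `conf/all/send_redirects` or the per-interface value is 1, so both must be 0.

```shell
#!/bin/sh
# Added example: audit a single-NIC Linux router for the two pitfalls above.
# ROOT defaults to /proc/sys; passing another directory lets the check run
# against a copied sysctl tree (hypothetical parameter, for offline use).
# Usage on a live box: audit_router eth0

# redirects_enabled IFACE [ROOT] -> prints "yes" or "no".
# The effective send_redirects value is (conf/all OR conf/IFACE).
# An unreadable file is treated as 1, the kernel default.
redirects_enabled() {
    iface=$1
    root=${2:-/proc/sys}
    all=$(cat "$root/net/ipv4/conf/all/send_redirects" 2>/dev/null || echo 1)
    dev=$(cat "$root/net/ipv4/conf/$iface/send_redirects" 2>/dev/null || echo 1)
    if [ "$all" = 1 ] || [ "$dev" = 1 ]; then echo yes; else echo no; fi
}

# forwarding_enabled [ROOT] -> prints "yes" or "no".
forwarding_enabled() {
    root=${1:-/proc/sys}
    if [ "$(cat "$root/net/ipv4/ip_forward" 2>/dev/null)" = 1 ]; then
        echo yes
    else
        echo no
    fi
}

# audit_router IFACE [ROOT] -> returns 0 only if the box routes and
# will not send ICMP redirects on IFACE; prints the fix otherwise.
audit_router() {
    iface=$1; root=${2:-/proc/sys}; rc=0
    if [ "$(forwarding_enabled "$root")" = no ]; then
        echo "FAIL: net.ipv4.ip_forward is 0, the box will not route"
        echo "  fix: sysctl -w net.ipv4.ip_forward=1"
        rc=1
    fi
    if [ "$(redirects_enabled "$iface" "$root")" = yes ]; then
        echo "FAIL: ICMP redirects will be sent on $iface"
        echo "  fix: sysctl -w net.ipv4.conf.all.send_redirects=0"
        echo "       sysctl -w net.ipv4.conf.$iface.send_redirects=0"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: forwarding on, redirects off on $iface"
    fi
    return "$rc"
}
```

Settings applied with `sysctl -w` do not survive a reboot; put the same keys in `/etc/sysctl.conf` to make them persistent.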

