Newbie question about static route on a pix 515

Unanswered Question
Mar 13th, 2007
User Badges:

Hi everybody, i'm try to configure a pix 515. It has 5 eth ports. One of these is connected to our public ip, one other connected to out intranet. And that's ok we can use internet without problem.

The problem rise when I configure one other port with an other pubblic ip. All the traffic coming from that last port should be routing to a particular box.

but when I try to add a static route for that interface like 0.0.0.0 as ip 0.0.0.0 as netmask and 172.21.*.* as private ip it told me that I have other route with the same configuration, the one used for the port of the first public ip. I hope to be enougth clear! Anyone can give me some good advice?

thanks a lot



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Tue, 03/13/2007 - 10:35
User Badges:
  • Green, 3000 points or more

Post your current route statements and the one you are trying to enter.

nibemcgestioni Wed, 03/14/2007 - 00:31
User Badges:

than you for ur reply.

Now my interface are these:

NAME IP

eth0: outside public IP

eth1: inside 172.21.2.180

eth2: DMZ-CDN 172.21.7.180

eth3: newWEB otherpublicIP


Now the route table is:


INTERFACE IP GW

outside 0.0.0.0 public IP


here I would like to insert these line:


newWEB 0.0.0.0 internal IP


Probably I cant specify two default route, even if I supposed that I can do it just because it's other inteface.

Probably I'm a newbie, and I miss something concept, sorry


thanks again I really appreciated



Jon Marshall Wed, 03/14/2007 - 04:01
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Not sure i fully understand. If all traffic coming off that DMZ with the new public IP should go to one internal address then you don't need a default route entry.


If the internal IP is pingable from the pix already then you don't need a route at all. If the pix does not know how to get to the internal IP you will need the follwing


route inside "internal IP" 255.255.255.255 "internal router IP".


I'm assuming in this that the internal IP is reachable from the inside interface of the pix.


Have i misunderstood


HTH


Jon

nibemcgestioni Wed, 03/14/2007 - 05:47
User Badges:

Yes you have right, let's begin with what I would like to do. I have a pix 515s one port is used to go outside in Internet and it used also to route to our web server, other port is connected to our internal intranet, with this configuration all my client can browse internet nad also we have a box that can be reached from outside that is our site web.

Now I have other ISP that gives me a internet connection faster than the actual. And i would like connect to our Pix, that have also other internet connection.

With this new internet connection i would like to make other web server reacheable from outside, but seems that i can't do that because it goes against the actual configuration where there is the other ISP.

Hope to be understood this time!

I'll really appreciated any advice.

thanks again



Actions

This Discussion