Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
4
Replies

Newbie question about static route on a pix 515

nibemcgestioni
Level 1
Level 1

‎03-13-2007 10:25 AM - edited ‎03-11-2019 02:45 AM

Hi everybody, i'm try to configure a pix 515. It has 5 eth ports. One of these is connected to our public ip, one other connected to out intranet. And that's ok we can use internet without problem.

The problem rise when I configure one other port with an other pubblic ip. All the traffic coming from that last port should be routing to a particular box.

but when I try to add a static route for that interface like 0.0.0.0 as ip 0.0.0.0 as netmask and 172.21.*.* as private ip it told me that I have other route with the same configuration, the one used for the port of the first public ip. I hope to be enougth clear! Anyone can give me some good advice?

thanks a lot

Labels:
0 Helpful
4 Replies 4

acomiskey
Level 10
Level 10

‎03-13-2007 10:35 AM

Post your current route statements and the one you are trying to enter.

0 Helpful

nibemcgestioni
Level 1
Level 1
In response to acomiskey

‎03-14-2007 12:31 AM

than you for ur reply.

Now my interface are these:

NAME IP

eth0: outside public IP

eth1: inside 172.21.2.180

eth2: DMZ-CDN 172.21.7.180

eth3: newWEB otherpublicIP

Now the route table is:

INTERFACE IP GW

outside 0.0.0.0 public IP

here I would like to insert these line:

newWEB 0.0.0.0 internal IP

Probably I cant specify two default route, even if I supposed that I can do it just because it's other inteface.

Probably I'm a newbie, and I miss something concept, sorry

thanks again I really appreciated

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to nibemcgestioni

‎03-14-2007 04:01 AM

Hi

Not sure i fully understand. If all traffic coming off that DMZ with the new public IP should go to one internal address then you don't need a default route entry.

If the internal IP is pingable from the pix already then you don't need a route at all. If the pix does not know how to get to the internal IP you will need the follwing

route inside "internal IP" 255.255.255.255 "internal router IP".

I'm assuming in this that the internal IP is reachable from the inside interface of the pix.

Have i misunderstood

HTH

Jon

0 Helpful

nibemcgestioni
Level 1
Level 1
In response to Jon Marshall

‎03-14-2007 05:47 AM

Yes you have right, let's begin with what I would like to do. I have a pix 515s one port is used to go outside in Internet and it used also to route to our web server, other port is connected to our internal intranet, with this configuration all my client can browse internet nad also we have a box that can be reached from outside that is our site web.

Now I have other ISP that gives me a internet connection faster than the actual. And i would like connect to our Pix, that have also other internet connection.

With this new internet connection i would like to make other web server reacheable from outside, but seems that i can't do that because it goes against the actual configuration where there is the other ISP.

Hope to be understood this time!

I'll really appreciated any advice.

thanks again

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card