PIx 515 newbie question

Unanswered Question
May 15th, 2007

Hi everybody,

I have a PIX 515, I would like to know if it's possible use it with two external internet provider. I mean I would like to cut our network in two subnet, one that will use a particular provdier to go outside in internet (a simple ADSL 2Mbit), and the other subnet use other internet provider (other ADSL 10Mbit).

Of course every subnet should be visible to each other.

Thansk a lot,any good advice will be very appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Tue, 05/15/2007 - 04:49

Cesare

I do not believe that a PIX is a good choice for all the functionality that you talk about. It does very well at firewalling, at inspecting traffic, at translating addresses, and other things like that. But it is not good at doing conditional routing (traffic from one subnet should go to one provider and traffic from another subnet should go to the other provider) which is much better done on a router than on a PIX. And internal subnets visibility to each other is also much better done on a router than a PIX (and in fact depending on the version of code that the PIX is running it may not even be possible - prior to 7.0 the PIX could not forward traffic out the same interface that it was received on, which the essential part of having the two subnets talk to each other). So I believe that you should consider using a router for much of this functionality (perhaps even 1 router inside and another router outside).

HTH

Rick

nibemcgestioni Tue, 05/15/2007 - 06:42

thanks a lot Rick, I'll probably but a router, and the I will use the PIX as simple firewall, moreover it is in failover so I have two PIx, so I probably use one for each provider.

thanks a lot again.

Actions

This Discussion