Outside IP migration on PIX

sdemlow007 · ‎06-05-2007

I have to migrate a PIX to a different IP block on the outside interface. Unfortunately, my only means of connection is via SSH on the outside interface. How is it possible to change the outside IP and default route without losing my SSH session by changing one or the other? I know I have done this before but, I can't find the procedure. Thanks in advance.

Jon Marshall · ‎06-05-2007

Hi

What is the new default route going to be and is the next hop already there or does the ISP have to make a change as well ?

Jon

sdemlow007 · ‎06-05-2007

I was told that both routes (old & new) would be available at the same time. The only thing that I could think of was to add another default route, then change the outside IP. Like so:

route outside 0.0.0.0 0.0.0.0 10.0.0.1 255.255.255.0 1 (OLD)

route outside 0.0.0.0 0.0.0.0 20.0.0.1 255.255.255.0 2 (NEW)

ip address outside 20.0.0.2 255.255.255.0

Once I got back in I was going to remove the old default route and change the new route to the metric of 1.

I'm thinking that the new gateway is not available.

Jon Marshall · ‎06-05-2007

Hi

if they are both available at the same time i would

1) Log in and set up a host specific route for the machine you are connecting from pointing back through the old gateway.

2) Change the default route to point to the new gateway.

3) Change the outside interface of the pix.

I'm not sure adding 2 default routes will work as you want.

HTH

Jon

sdemlow007 · ‎06-07-2007

Thank you sir. I'll give that a shot and report the results in a little while.

sdemlow007 · ‎06-07-2007

Pfffffffft...Kinda of what I suspected, the ISP's "new" gateway is not operational (even though I verified that it was through 2 of their techs). Thank you for your assistance though as I did use that at a different remote location and it worked like a champ.

Jon Marshall · ‎06-07-2007

Glad it worked and thanks for letting me know.

Jon