Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
4
Replies

PIX as a router

Go to solution
Rejohn Cuares
Level 4
Level 4

‎08-14-2007 02:28 PM - edited ‎02-21-2020 01:38 AM

Hello Guys need your guidance!

Is it possible to use the PIX 515E as a router? See the link below for the network topology.

http://img259.imageshack.us/img259/2831/pixasarouterns1.jpg

Referring to the network topology. The client want that the two subnets (192.168.1.0/24 and 192.168.2.0/24) can access each other. In addition, both subnets be able to access the web.

Please rate replies and mark question as "answered" if applicable.
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Rejohn Cuares

‎08-14-2007 11:29 PM

It would be a lot easier if it is version 7.x

What you can do is make the 2 interfaces that connect to your internal subnets the same security level. Then add the following command to your config

same-security-traffic permit inter-interface

This will allow traffic to flow freely between those 2 subnets without access-lists or NAT statements.

HTH

Jon

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎08-14-2007 04:58 PM

Hi

Yes you can do this. Presumably you have 3 interfaces on the pix firewall ?

How you set this up depends on what version of code you are running on your pix ie. v6.x or v7.x.

Which version are you running on your pix ?

Jon

0 Helpful

Go to solution
Rejohn Cuares
Level 4
Level 4
In response to Jon Marshall

‎08-14-2007 11:10 PM

It has 6 interfaces. I still dont know the version of the Pix 515E however im sure it is 7.x coz it was bought last year 2006.

By the way each subnet contains 100+ users.

Please rate replies and mark question as "answered" if applicable.
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Rejohn Cuares

‎08-14-2007 11:29 PM

It would be a lot easier if it is version 7.x

What you can do is make the 2 interfaces that connect to your internal subnets the same security level. Then add the following command to your config

same-security-traffic permit inter-interface

This will allow traffic to flow freely between those 2 subnets without access-lists or NAT statements.

HTH

Jon

0 Helpful

Go to solution
Rejohn Cuares
Level 4
Level 4
In response to Jon Marshall

‎08-27-2007 09:31 PM

thank you very much for your replies Jon!

Please rate replies and mark question as "answered" if applicable.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card