Solved: PIX as a router

Rejohn Cuares · ‎08-14-2007

Hello Guys need your guidance!

Is it possible to use the PIX 515E as a router? See the link below for the network topology.

http://img259.imageshack.us/img259/2831/pixasarouterns1.jpg

Referring to the network topology. The client want that the two subnets (192.168.1.0/24 and 192.168.2.0/24) can access each other. In addition, both subnets be able to access the web.

Please rate replies and mark question as "answered" if applicable.

Jon Marshall · ‎08-14-2007

It would be a lot easier if it is version 7.x

What you can do is make the 2 interfaces that connect to your internal subnets the same security level. Then add the following command to your config

same-security-traffic permit inter-interface

This will allow traffic to flow freely between those 2 subnets without access-lists or NAT statements.

HTH

Jon

View solution in original post

Jon Marshall · ‎08-14-2007

Hi

Yes you can do this. Presumably you have 3 interfaces on the pix firewall ?

How you set this up depends on what version of code you are running on your pix ie. v6.x or v7.x.

Which version are you running on your pix ?

Jon

Rejohn Cuares · ‎08-14-2007

It has 6 interfaces. I still dont know the version of the Pix 515E however im sure it is 7.x coz it was bought last year 2006.

By the way each subnet contains 100+ users.

Please rate replies and mark question as "answered" if applicable.

Jon Marshall · ‎08-14-2007

It would be a lot easier if it is version 7.x

What you can do is make the 2 interfaces that connect to your internal subnets the same security level. Then add the following command to your config

same-security-traffic permit inter-interface

This will allow traffic to flow freely between those 2 subnets without access-lists or NAT statements.

HTH

Jon

Rejohn Cuares · ‎08-27-2007

thank you very much for your replies Jon!

Please rate replies and mark question as "answered" if applicable.