cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
276
Views
0
Helpful
3
Replies

PIX configured with 2 ISP links

timit
Level 1
Level 1

Hi, I would like to know is it possible/advisable to have 2 ISP links on PIX515E interfaces so that if one goes down the other will be up for outside users to access the server services inside the PIX local LAN with out any service disturbance. Please advice and kind enough to send me the sample configurations. Thanks.

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

Yes it is possible.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml#req

you may need to run 7.2.x code for the backup command as this was introduced in code 7.2.1

Jorge Rodriguez

This document says "this setup may not be suitable for inbound access to resources behind the security appliance." And my requirement is mainly for inbound continues access. So, Will this work for inbound access by configuring with the simple static and access-list commands for the corresponding ISP interfaces along with the above Backup interface configurations? Please advise.... Is anyone tried this before?

it will not work with inbound access with above example , personaly I have not faced this scenario but would definately like to lab this out, frankly I don't know if there is a simpler way to do this, if you want to have inbound access through ISP2 should ISP1 fail or vise versa this becomes a bit complicated as may question arises with DNS , and NATing two different public IP blocks into single inbound host but possible, you would have place a router in front of firewall and BGP multihomed with two ISP.

You may also post your initial question in WAN routing forum, where there are much more audience that may have done your requirements.

these links may also help

http://www.oreillynet.com/pub/a/network/2001/05/11/multihoming.html

http://www.spirit.com/Network/net0503.html

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: