Routing Path of Backup ISP Link in Pix Firewall

Unanswered Question
Mar 2nd, 2008

Hi, I have one cisco router and there are two different ISP links is configured on router interface e0 and e1, and s1 serial port is directly connected with outside interface of pix firewall.

Router Configuration

Ip address e0 125.19.43.1/24 (Public Range)

Ip address e1 192.168.10.1/24 (Public Range)

Ip address s1 10.0.0.1/24 (Private Ip)

Fireall Config

Inside Network 172.16.0.1/24

Outside Interface 10.0.0.2/24

Now my question is, which of the commands we need to set on router to pass the traffic and fireall. I want my both links to be alive and when anyone link get down then traffic by default go from the other link and what would be Nat command cenario on router and firewall. Please send me full configuration, if possible.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
alanajjar Thu, 03/13/2008 - 05:38

Hi,

Take alook on this example, I think it will help you.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080950834.shtml

This example explain how to configure policy-based routing in the router. for NATing from the firewall to the router, you can let the traffic pass through the firewal without NATing, and let the router to do NATing, or you can NAT all internal addresses to the outside interface of the firewall.

To remove the need of NATing through the firewall, use the command :

no ip nat-control

regards

Actions

This Discussion