fw routing issue

Unanswered Question
Apr 9th, 2008

hi I have following fw routing issue on pix 7 fw

route int2 x.x.x.5 gtw2 1

route int1 x.x.x.0 gtw1 2

I want traffic to x.x.x.5 goes over int2, but no metter what I do, traffic goes over int1. How to solve this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
husycisco Wed, 04/09/2008 - 06:07

Hi Dragan

I think issue is about your NAT statements. Please post attach your config, specify desired dest IPs.


dragec Wed, 04/09/2008 - 22:56

static (int1,inside) x.x.x.0 x.x.x.0 netmask

static (int2,inside) x.x.x.5 x.x.x.5 netmask

husycisco Thu, 04/10/2008 - 03:18


Try this

static (inside,int1) x.x.x.0 x.x.x.0 netmask

static (inside,int2) x.x.x.5 x.x.x.5 netmask

If doesnt work, something else in your config might be preventing. Please post your sanitized config if doesnt work.

dragec Fri, 04/11/2008 - 02:38

:-)) why would I do that? x.x.x.0 is behind int1 interface and x.x.x.5 is behind int2 interface.

manjula.dealwis Fri, 04/11/2008 - 05:39

Hey Guys,

Dont you need to put nat as "static(High security int,Low securiy Int)Low securityIP,HighsecurityIP netmask 255X3" in security levels when it come to static Natting.

This is just a thought.


This Discussion