fw routing issue

Unanswered Question
Apr 9th, 2008
User Badges:

hi I have following fw routing issue on pix 7 fw


route int2 x.x.x.5 255.255.255.255 gtw2 1

route int1 x.x.x.0 255.255.128.0 gtw1 2


I want traffic to x.x.x.5 goes over int2, but no metter what I do, traffic goes over int1. How to solve this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
husycisco Wed, 04/09/2008 - 06:07
User Badges:
  • Gold, 750 points or more

Hi Dragan

I think issue is about your NAT statements. Please post attach your config, specify desired dest IPs.


Regards

dragec Wed, 04/09/2008 - 22:56
User Badges:

static (int1,inside) x.x.x.0 x.x.x.0 netmask 255.255.128.0

static (int2,inside) x.x.x.5 x.x.x.5 netmask 255.255.255.255

husycisco Thu, 04/10/2008 - 03:18
User Badges:
  • Gold, 750 points or more

Dragan,

Try this

static (inside,int1) x.x.x.0 x.x.x.0 netmask 255.255.128.0

static (inside,int2) x.x.x.5 x.x.x.5 netmask 255.255.255.255


If doesnt work, something else in your config might be preventing. Please post your sanitized config if doesnt work.

dragec Fri, 04/11/2008 - 02:38
User Badges:

:-)) why would I do that? x.x.x.0 is behind int1 interface and x.x.x.5 is behind int2 interface.

manjula.dealwis Fri, 04/11/2008 - 05:39
User Badges:

Hey Guys,


Dont you need to put nat as "static(High security int,Low securiy Int)Low securityIP,HighsecurityIP netmask 255X3" in security levels when it come to static Natting.

This is just a thought.

Actions

This Discussion