Route via another PIX

Answered Question
Jul 15th, 2008
User Badges:


I have an ASA 5510 ( that is my default gateway on my LAN ( I also have a PIX ( on my LAN that has a VPN established to another site that has a network. My servers on the network need to be able to communicate with the network. I am currently using staic routes on the servers to enable this (and it works fine) but I do not want to continue doing this. The inside port on the ASA is called PRG_LAN so I have added the command: route PRG_LAN 1 to the ASA but when I remove the static route on the servers they cannot ping as the could before. I thought the above static route would enable this. Any advise would be very welcome.



Correct Answer by lee.reade about 9 years 1 week ago
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
lee.reade Tue, 07/15/2008 - 03:30
User Badges:
  • Silver, 250 points or more


This is called hair-pinning, basically firewalls will not send incoming traffic back out the same interface as it came in on.

Most firewalls do this, all Cisco, as far as i remember.

Either put a router in front of the ASA and your LAN, or continue using the static routes.




This Discussion