static route on cisco pix 515e

Unanswered Question
Aug 15th, 2008

Hi all. I have a cisco pix 515e where the internal ip is and dmz ip is I have a router which connects subnet with the ip and connects to subnet. There is a server on my dmz with the ip 192.168.2.x that i want it to connect to another server in subnet. Hence i would like to add a static route on my pix as below.


I understand that the ciscopix 515e with version 6.x cannot do hairpinning which is routing using the same interface. Hence for this scenario(which is not hairpinning) will the server in dmz be able to access the server 192.168.3.x after i add the above static route? Thks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Fri, 08/15/2008 - 01:42

route inside

and u need a route on the router aswel


ip route 192.168.254

and u need the following acl on the pix

access-list 100 permit ip

access-group 100 ininterface dmz

good luck

please, if helpful rate

donnie Fri, 08/15/2008 - 06:50

Hi Marwanshawi,

Thks for the advise. I forgot abt the return path, thk u for highlighting it to me. Basically i post this question because my boss says adding static routes to firewall is not possible. However i feel that as long as its not hairpinning, static routes added to the firewall would work.


This Discussion