How to add static routes with PIX?

Unanswered Question
Feb 5th, 2004
User Badges:

Is it possible to add static routes to a PIX and have them work?


Ex. PIX inside IP is 192.168.0.1

VPN concentrator used for remote office VPN's: 192.168.0.2

Remote office connecting via VPN: 192.168.10.0



I want to add a static route on the pix to point to 192.168.0.2 for access to the .10.0 network?


I have set this up as a static route but clients on the .1.0 network cannot route to the .10.0 network without having a local static route setup in the OS.


Thanks,

Jason

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

You might be toast. Clients on the .0.x network will need the static route because they cannot send packets to the pix on 0.1, and have the pix send them back out through the concentrator because the pix will not send packets back out the interface they came in on. Adding a static route to the pix thus won't work, except possibly for packets it received on an interface other than the inside one


You could install a router, and segment your network. Having a router (between the client pcs and the pix + vpn box) with a static route to the concentrator for 10.x would alleviate this. Terminating the tunnels on the pix is another option.

Actions

This Discussion