Inside routing pix 515

cisco7889 · ‎10-21-2005

I have a problem with inside routing on a pix 515. The pix has inside ip 192.168.200.254/24 and is acting default-gate to all nodes on this net. There is also a vpn router on the inside with ip adress 192.168.200.245/24. vpn router has a default route to pix inside interface. There are coming trafik from net 192.168.210.0/24 on the vpn router and i want this to return to the vpn router with a route in the pix 515 "route inside 192.168.210.0 255.255.255.0 192.168.200.245 1" but in the pix log i get message "no route found to 192.168.210.0" I don´t understand this, maybe the static route isn´t right. I would be very grateful for an answer. /Regards Jonny

ddarby1 · ‎10-21-2005

Nothing wrong with your route statements by the looks of it. Sh route for the PIX should have at least the two following commands in it:

inside 192.168.200.0 255.255.255.0 192.168.200.254 1 CONNECT static

inside 192.168.210.0 255.255.255.0 192.168.200.245 1 OTHER static

Don't personally like the numbering in use (easy to confuse 254 with 245), but the problem should be with some other part of the config, I'd guess.

jackko · ‎10-21-2005

you mentioned, "There are coming trafik from net 192.168.210.0/24 on the vpn router and i want this to return to the vpn router with a route in the pix 515 "route inside 192.168.210.0 255.255.255.0 192.168.200.245 1"".

assuming the pix receives the packet from the inside interface, pix by default will not re-route the packet back to the vpn router via the inside interface.

fzamora · ‎10-28-2005

Hi,

Unfortunately the PIX does not route traffic through the same interface it received it. Check the link below:

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_qanda_item09186a0080094874.shtml

Franco Zamora

froggy3132000 · ‎10-29-2005

I believe that with 7.X code you can do it.