Is it possible to Route "to" redundant paths through the PIX?


We have a partner company which we share wire with so when we became partners we were able to configure a direct link between our networks in a shared closet.

We want to be able to protect our respective networks so we have dedicated PIX firewalls that will sit in between us. Now, the network gurus ran 2 separate lines for redundancy between us which we will call VLAN101 and VLAN102. They want to be able to actually use both lines all the time but of course all traffic travels through one or the other if one fails.

The PIX has 4 interfaces which I have configured as Inside (our side of the network), outside (Their side of the network), failover, and state.

So our internal routers will point to the inside interface of my firewall as the gateway to get to the other side. Now, I know I can configure my route through the PIX to get to their side but I don't think the PIX has the ability to route to multiple VLANS to the same destination. Even if I use trunking on the outside interface to allow for those two paths I can't apply costs or anything to it...

Any thoughts on how I can accomplish this? Can it be done?

I am running PIX 525's (Primary and a failover only box) running 6.3(4).


nkhawaja Thu, 10/27/2005 - 21:22
User Badges: Cisco Employee


If by this

"but I don't think the PIX has the ability to route to multiple VLANS to the same destination"

you mean layer 3 VLANs or subnets, then the PIX can route to the same destination. Could you explain further on this?

You can run OSPF to associate costs / metrics etc. to routes.
