Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
2
Replies

Separati traffic outbound to a firewall based on IP address source

altecspa
Level 1
Level 1

‎06-01-2006 01:34 AM - edited ‎03-09-2019 03:06 PM

Hi,I am following a course Cisco, in these days I am carrying out a stage in company, I would want to ask a suggestion on a case study.

It has been asked to estimate the possibility to separate the traffic outbound to a firewall PIX 520 6.2(2) based on IP address source.

In other words, the firewall has 6 interfaces:

ethernet0 --> outside1 (it goes on Internet through a ISP_1)

ethernet1 -->inside

ethernet2 --> dmz1

ethernet3 --> outside2 (it goes on Internet through a ISP_2)

ethernet4 --> dmz2

ethernet5 --> dmz3

outside1 is connected to the router1

outside2 is connected to the router2

I would want to address the traffic of the dmz1 and dmz2 to the interface outside1 and the traffic of the dmz3 to the interface outside2.

I had thought to use the access lists in outbound to the interfaces outside1 and outside2, but on the firewall the access lists are applied to traffic inbound to an interface. Would you have any suggestions?

Thanks and Regards

Paolo

Labels:
0 Helpful
2 Replies 2

dentt
Level 1
Level 1

‎06-01-2006 07:37 AM

It sounds like what you are trying to do is source route using the PIX. The PIX can only do destination routing.

I this case, I would put all of your outbound traffic through a single outside interface on the pix to a router, then source route from that router to the 2 ISP routers.

Hope that helps.

0 Helpful

altecspa
Level 1
Level 1
In response to dentt

‎06-08-2006 12:08 AM

Thanks for your suggestion.

Paolo

0 Helpful
Customers Also Viewed These Support Documents