Cisco 515e PIX Firewall: Route only port 80 and 443 traffic
I have a PIX 515e firewall with 3 interfaces (Inside, ISP_1, ISP_2). I currently have everything routed to ISP_1 but I would like to route all Web Browsing traffic (port 80 and 443) to ISP_2 and all other traffic continue out ISP_1.
I have set up an ACL specifying all traffic going to 0.0.0.0 on port 80 and 443 to use ISP_2. But for some reason when I do that, that ACL rule reverts back to ISP_1. I am using the PIX PDM GUI.
Also, I do not have a static route defined for the ISP_2 interface, only an ACL. I am not sure how to define that route since I already have one for ISP_1. Would it be something like this?
<local network> <Local subnet> route to <ISP_1>
<local network> <Local subnet> route to <ISP_2>
I am not sure how the above would work. I still want all non port 80 and 443 traffic to go out through ISP_1.
Re: Cisco 515e PIX Firewall: Route only port 80 and 443 traffic
If you want to differentiate traffic flows then yes. You could use one router and connect to both ISPs and do the route map (as well as firewall services). I believe that route map support on L3 switches depends on the platform and Enhance Image IOS.
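The route-map approach mentioned in the reply, sketched as Cisco IOS router configuration. This is an added example, not part of the original thread; the inside subnet, next-hop addresses, interface name, ACL number and route-map name are all constructed placeholders.

```cisco
! Added example: policy-based routing on an IOS router that connects to both ISPs.
! All addresses and names below are constructed placeholders.
!
! Classify web traffic from the inside subnet (TCP 80 and 443 only).
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 80
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 443
!
! Matched packets are forwarded to the ISP_2 gateway instead of
! following the routing table.
route-map WEB-VIA-ISP2 permit 10
 match ip address 101
 set ip next-hop 203.0.113.1
!
! Policy routing is applied inbound on the interface facing the inside network.
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip policy route-map WEB-VIA-ISP2
!
! Everything the route map does not match uses the normal default route via ISP_1.
ip route 0.0.0.0 0.0.0.0 198.51.100.1
!
! Not shown: NAT and inbound filtering must be configured separately for each
! ISP-facing interface, so that web traffic leaving via ISP_2 is translated to
! an ISP_2 address and the return path matches.
```

Traffic that does not match ACL 101 is not affected by the route map and continues out ISP_1 through the default route.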