You need to track the default route on the PIX and in the situation when it fails, the route should fallback to the default route pointing towards the dmz of the pix through which it is connected to the ASA.
Re: How to setup Failover between ASA & PIX Firewall for Interne
I am attaching the visio diagram of my current setup.
At present my traffic is configured to go towards 20mb link and through ASA firewall .
ASA firewall connected 192.168.4.2 gi 0/2 DMZ1 to PIX FW 192.168.4.1 eth0 inter ( DMZ4) .but both are currently not pinging.
Currently tracking is configured for primary link which goes towards 20mb link and i would like to have tracking to configured for secondary link 10mb link so that internet traffic should automatically divert in case of20mb primary link goes down.
What Global nat commands are required on both ASA and PIX FW and other commands required for this ssetup.
My another request is i am not able to setup Tacacs authentication on the 3820 with the below commands and tacacs working till ASA FW.
aaa new-model aaa authentication login default group tacacs+ local aaa authentication login console none aaa authentication enable default group tacacs+ enable aaa authorization exec default group tacacs+ if-authenticated aaa authorization network default group tacacs+ aaa accounting update newinfo aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ aaa accounting connection default start-stop group tacacs+ aaa accounting system default start-stop group tacacs+
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...