PIX-515E routing between inside and outside

pete.zhut
Level 1

I know this should be a very easy solution, but I have yet to solve how to route between the two interfaces. Meaning subnetA currently cannot connect to subnetB. I think that it is just a route issue, but I do not know. Please help.

2 Replies

froggy3132000
Level 3

It probably has to do with the security levels or access-list. Post your config and a small diagram.

jmayes
Level 1

PIX devices technically don't route between interfaces. To move traffic from one interface to another you must have a NAT translation set up between interfaces.

If you don't want to NAT to a different address range, you can NAT to the same addresses (like NATting from 192.168.1.0/24 to 192.168.1.0/24), but it does not act like a router and move traffic from interface to interface based on routing rules.

If you look at PIX config examples, you will see the NAT statements in the examples.

This is in addition to the issue of traffic being automatically permitted from a higher security # interface to a lower interface, but needing ACLs to permit traffic to originate at a lower security value interface to a higher security value interface.
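
Added example, not part of the thread or any poster's configuration: a PIX configuration sketch of the two pieces described in the reply above, an identity translation for the inside subnet plus an ACL for traffic that originates on the lower-security interface. It assumes the default interface names `inside` and `outside`; the outside subnet 192.0.2.0/24, the host 192.168.1.10, port 443 and the ACL name `outside_in` are constructed placeholders, and lines beginning with `!` are annotations.

```text
! Identity static: 192.168.1.0/24 on the inside is presented to the
! outside under the same addresses (no address change, but a
! translation now exists between the two interfaces).
static (inside,outside) 192.168.1.0 192.168.1.0 netmask 255.255.255.0

! Traffic starting on the lower-security interface needs an explicit
! permit. Scope it to the source subnet, destination host and service
! actually required (placeholder values).
access-list outside_in permit tcp 192.0.2.0 255.255.255.0 host 192.168.1.10 eq 443

! Too broad: this would open the whole inside subnet to anything
! arriving on the outside interface. Shown only for contrast.
!   access-list outside_in permit ip any any

! Bind the ACL to inbound traffic on the outside interface. Anything
! the ACL does not permit is dropped by its implicit deny.
access-group outside_in in interface outside

! Verification from the PIX console:
!   show xlate          (the identity translation should be listed)
!   show access-list    (hit counters show which entry matched)
```

Traffic from the inside (higher security level) to the outside needs no ACL entry of its own, as the reply notes; it only needs the translation.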
