Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Routing Path of Backup ISP Link in Pix Firewall

Hi, I have one cisco router and there are two different ISP links is configured on router interface e0 and e1, and s1 serial port is directly connected with outside interface of pix firewall.

Router Configuration

Ip address e0 125.19.43.1/24 (Public Range)

Ip address e1 192.168.10.1/24 (Public Range)

Ip address s1 10.0.0.1/24 (Private Ip)

Fireall Config

Inside Network 172.16.0.1/24

Outside Interface 10.0.0.2/24

Now my question is, which of the commands we need to set on router to pass the traffic and fireall. I want my both links to be alive and when anyone link get down then traffic by default go from the other link and what would be Nat command cenario on router and firewall. Please send me full configuration, if possible.

5 REPLIES
New Member

Re: Routing Path of Backup ISP Link in Pix Firewall

Can anyone help me???

New Member

Re: Routing Path of Backup ISP Link in Pix Firewall

Do you want load balancing as well or just a failover link?

New Member

Re: Routing Path of Backup ISP Link in Pix Firewall

Want Load Balancing and know the configuration.

New Member

Re: Routing Path of Backup ISP Link in Pix Firewall

Can anyone response

New Member

Re: Routing Path of Backup ISP Link in Pix Firewall

Hi,

Take alook on this example, I think it will help you.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080950834.shtml

This example explain how to configure policy-based routing in the router. for NATing from the firewall to the router, you can let the traffic pass through the firewal without NATing, and let the router to do NATing, or you can NAT all internal addresses to the outside interface of the firewall.

To remove the need of NATing through the firewall, use the command :

no ip nat-control

regards

103
Views
0
Helpful
5
Replies
CreatePlease login to create content