Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX default gateway?

I have recently replaced a Checkpoint FW1/NT4 box with a PIX 515 (v7). I'm now having all sorts of problems routing around the network. Specifically, my WAN sites (which are connected through another PIX) cannot be reached by some apps unless I place a static route directly to the WAN PIX. I replaced the Checkpoint because I thought that v7 supported 'hairpinning' (which I think I need to support this way of doing things).

Basically, I need traffic destined for the WAN to be sent to the second PIX from the default gateway (the first PIX).

I have NAT exemptions and static routes but no cigar......


Re: PIX default gateway?

You should post your config for the home Pix and (at least) one of the remotes.

Basically you'd need a static to each remote LAN block from Home, with the next hop being the WAN address of the remote, and the DG at each remote pointing to Home.

If each remote also has Internet directly (i.e., not via the Home network), then make the remote DG point to the ISP's gateway, with a static pointing back to the Home LAN or multiple statics if you are going remote-to-remote, with the next hop being the Home WAN address).

Post up some sanitized configs and we can take it from there.

Good Luck