Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BGP advertisement - with multiple ISP connection and PIX 525 firewall

I would like to hear some of the best practices in setting up dynamic routing for two sites connected on the backside to provide alternate routing (multihome) in case one of my ISP's lose my front door connection. Included in this design is a DMZ that has a PIX 525 for each site.

The topology is this:

Campus A has one security/screening 7206VXR router connecting to ISP A using BGP

Downstream connection from the screening router 7206VXR Campus A is a to PIX 525 that goes to the installation Catalyst6509. The Cat 6509 has a T3 going accross to Campus B that has the same setup with a Catalyst 6509 to a PIX and then to a screening router that goes to another ISP.

I know that PIX doesn't allow for OSPF, EIGRP ...etc for dynamic routing. I'm currently setup with static routes but now I've lost that diversity of using Alternate routing in case I lose a front door connection with the static routes. I'm considering interior BGP to connect between the screening router - PIX - to Cat6509 that way I can continue running EBGP and IBGP with route maps using for AS_Path statements. Any thoughts or other options? I'm willing to clarify if needed.

Thanks,

Sep

2 REPLIES
New Member

Re: BGP advertisement - with multiple ISP connection and PIX 525

As per my knowledge this should work.You can refer to the following documents for more information:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008008d313.html

New Member

Re: BGP advertisement - with multiple ISP connection and PIX 525

Thanks! I plan to implement in 1 week. I'll let you know.

101
Views
0
Helpful
2
Replies