11-28-2005 06:20 AM - edited 03-03-2019 12:56 AM
Hello!
We have a network that is connected to two ISPs through two PIX firewalls. Those firewalls are connected to a single router. Also we have a server connected to the same router.
Then a number of external users make their connections to our server from outside. Some of those connections go through ISP1 and PIX1 while the others go through ISP2 and PIX2.
The question is: how to configure the router so that it routes backward traffic to the right interface?
For instance: if the incoming packet was from ISP1, then the reply from the server to the client should go through PIX1 as well. If the router sends the reply through PIX2, the session will break, hence PIX1 cannot track the session.
How to overcome the problem?
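The failure described in the question, as an added illustration that is not part of the original post and is not PIX code: a simplified Python model of two stateful firewalls, showing that a reply is dropped when it leaves through a firewall that never saw the inbound packet. The class and function names and the addresses are constructed assumptions.

```python
from collections import namedtuple

# Simplified model (assumption, not PIX behaviour in detail): a stateful
# firewall passes an outbound reply only if it recorded the inbound flow.
Flow = namedtuple("Flow", "client_ip client_port server_ip server_port")

class StatefulFirewall:
    def __init__(self, name):
        self.name = name
        self.sessions = set()          # flows seen entering from the ISP side

    def inbound(self, flow):
        self.sessions.add(flow)        # create state for the new connection
        return True

    def outbound_reply(self, flow):
        return flow in self.sessions   # no matching state -> reply is dropped

def run(flows_by_ingress, pick_egress):
    """Deliver each flow through its ingress firewall, then send the reply
    through the firewall chosen by pick_egress(flow, ingress_name).
    Returns {flow: True if the reply was passed, False if dropped}."""
    fws = {n: StatefulFirewall(n) for n in ("PIX1", "PIX2")}
    results = {}
    for ingress, flows in flows_by_ingress.items():
        for flow in flows:
            fws[ingress].inbound(flow)
            egress = pick_egress(flow, ingress)
            results[flow] = fws[egress].outbound_reply(flow)
    return results

# Constructed sample flows (documentation address ranges).
SERVER = ("192.0.2.10", 443)
FLOWS = {
    "PIX1": [Flow("198.51.100.7", 40001, *SERVER)],
    "PIX2": [Flow("203.0.113.9", 40002, *SERVER)],
}

def destination_routed(flow, ingress):
    return "PIX2"                      # router has a single default route via PIX2

def symmetric(flow, ingress):
    return ingress                     # reply leaves through the ingress firewall

if __name__ == "__main__":
    for name, policy in (("default route", destination_routed), ("symmetric", symmetric)):
        for flow, ok in run(FLOWS, policy).items():
            print(name, flow.client_ip, "passed" if ok else "dropped")
```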
11-30-2005 02:17 AM
Cluster your firewalls. I don't know if this is possible with PIX firewalls. Nokia/Checkpoint is able to do this. The router has a source/destination and does not track the firewall it received its packets from.
11-30-2005 02:50 AM
Clustering is not an option, because the PIXes are far away from each other.