2 PIX's to 2 BGP routers in 2 different locations on a routed LAN?
This seems like it SHOULD be a simple thing to do. Maybe I'm missing something obvious. After 9/11 we were forced to install another Internet access point at another location outside NYC. We basically duplicated what we had in NYC: Pix firewall on our local lan with a BGP router on the outside. Now that our downtown NYC location is back up again, I want to utilize both potential paths to the internet for redundancy and load. However, on the inside we run EIGRP (each of our 6 buildings have a private /24 and are connected by multiple routes for redundancy). Any ideas on a best solution? Split the EIGRP group maybe? How do I maintain a single set of statics for my web, DNS, and mail server?
Re: 2 PIX's to 2 BGP routers in 2 different locations on a route
I don't think it is as simple as it might look at first sight. Don't forget that the pixes are stateful, which mandates that return traffic need to use the same path as the oringinal traffic. Also, you also require the two BGP router to communicate, and to be able to forward packets if the other BGP router has a better path. This is definately a situation for a lab environment. I don't think it is impossible, but definately not easy.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...