Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Adding a second DSL line to my Cisco PIX 506E

Hi guys:

Have a question for anyone who can help me sort this thing out. We have an

SBS 2000, 34 users, with a single network card, attached to a Cisco 506e

firewall, connected to a Netopia Cayman Router (DSL). We tried to upgrade our

DSL conection as we are using much more internet to download documents. But

unfortunately due to our location we have the max 384k -1.5mb., our next

step would be to install a T-1 and that's too expensive. I was wondering if

it's best to add a second DSL line with another static IP provided by our ISP service to

balance the bandwidth. If its best, what do I need to do on my SBS server.

We use the Cisco firewall to VPN, Exchange and OWA are already installed and

running fine. I assume that we need to get a router to connect the 2 DSL

lines to the Firewall, if we do,,,which router brand can you guys recommend as best?. Can the Pix 506 handle 2 dsl lines at the same time? If it can, what changes do I need to do on the PIX?

Thanks in advance to everyone.

Denise

  • Other Security Subjects
1 REPLY
Gold

Re: Adding a second DSL line to my Cisco PIX 506E

adsl_1 <--adsl_1 int--> rt <--ethernet int--> pix ouside int

adsl_2 <--adsl_2 int--> rt <--ethernet int--> pix outside int

apply both adsl_1 and adsl_2 assigned public ip on the router adsl_1 and adsl_2 interface respectively.

assign segment between router ethernet interface and pix outside interface private ip scheme.

on the router, configure nat in order to publish the pix. so pix can continue serving as vpn server. also, configure nat for exchange.

e.g.

203.1.1.1 on router adsl_1 interface

203.2.2.1 on router adsl_2 interface

192.168.1.1 on router ethernet interface

192.168.1.2 on pix outside interface

172.16.1.1 on pix inside interface

then you need to choose which adsl as the primary in order to publish the pix and exchange.

further, you can separate the traffics in order to traverse different adsl links. e.g. adsl_1 for vpn and email; whereas adsl_2 for internet browsing.

regarding suggestion of router, 1751 is one of them as you can install 2 wan modules.

http://www.cisco.com/en/US/products/hw/routers/ps221/products_data_sheet09186a0080088719.html

235
Views
0
Helpful
1
Replies
This widget could not be displayed.