Dual ip transit feeds into Single pix - IP Spoofing
We have a pix receiving two ip transit feeds from two isps on different interfaces. The default gateway for the outbound traffic is thru the preferred ISP, but causes problems receiving traffic from the alternative ISP and blocks traffic due to the default route being different to the original source. The problem goes if I disable ip spoof checking on the 2ndary interface, but I guess this increases the potential compromise risk. Any advice on how to get round this problem?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...