My question is the next: I have a PIX 515E with 7.2 software and I have two ISPs connection, but now I use only one of them. I plan two use both ISPs' lines and one half of the traffic I route to the ISP A and other to ISP B (based on soiurce Private Address). How can I integrate both lines to the firewall? I have static default route to ISP A now.
You cannot load-balance on the PIX. The Cisco Secure PIX Firewall is designed to handle only one default route. When you connect two ISPs to a single PIX, it means that the Firewall needs to make routing decisions at a much more intelligent level. Instead, use a gateway router outside the PIX so that the PIX continues to send all of its traffic to one router. That router can then route/load-balance between the two ISPs. An alternative is to have two routers outside the PIX using Hot Standby Router Protocol (HSRP) and set the default gateway of the PIX to be the virtual HSRP address. Alternatively, (if possible) you can use Open Shortest Path First (OSPF) which supports load balancing among a maximum of three peers on a single interface.
This feature allows you to configure a link standby ISP if the link to your primary ISP fails. It uses static routing and object tracking to determine the availability of the primary route and to activate the secondary route when the primary route fails.
For more information, see the " Configuring IP Routing and DHCP Services" chapter in the Cisco Security Appliance Command Line Configuration Guide.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...