Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to setup second PIX 515 for a second redundent Internet connection

I have our HQ site in Hampton and a large subordinate site in Norfolk connected by 2 Full T-1s. We currently have only 1 internet connection in Hampton which is connected to the only PIX 515 firewall we have. I am adding a additional Internet connection in Norfolk and want to install a second PIX 515 firewall at the Norfolk site. The intent is Internet redundency and to free up bandwidth on the 2 T-1 that connect Hampton and Norfolk. We are using private IP space and NAT. The final goal is that if the Internet connection fails in Hampton then users will automatically be redirected to the good connection in Norfolk. Sorry this is long but it is a first for me to configure. Can anyone give me some best practice examples or point me to some how to....please Thanks

Cisco Employee

Re: How to setup second PIX 515 for a second redundent Internet


So this is your design



Suppose R1, PIX1, Ry are on the HQ Side

R2, PIX2 and Rx are on Norfolk

I would recommend to use OSPF on all your internal networks and advertise default routes from your routers Ry and Rx. With some different admin distances etc. This way if one router (either Rx, or Ry) stops advertising a default route, because of a link failure, the other default route from the other router will kick in. Don have any sample configs on this, but it can atleast get you started.



New Member

Re: How to setup second PIX 515 for a second redundent Internet

Thanks.....looks very promising and I will get started testing

Thanks for taking the time to help

CreatePlease to create content