Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Multiple ISP's connected to PIX

I want to connect multiple ISP's (three) connected to PIX outside interface for differenciated service.

These ISP's will gice me three different blocks of IP addresses.

I can do NAT with three different IP pools.

But, how can I create multi-homed network on PIX outside interface ?

That is, can I give multiple ( secondary ) IP address to PIX outside interface ?

4 REPLIES
Cisco Employee

Re: Multiple ISP's connected to PIX

you can not do this on the pix.

Regards,

Community Member

Re: Multiple ISP's connected to PIX

Thanks,

Is it possible to connect three ISP's to three differant PIX interfaces ?

Is this a recomended solution ?

Community Member

Re: Multiple ISP's connected to PIX

First of all I think the killer is that the pix can only have one default route. Thus while your pix will receive traffic on any of 3 interfaces, the traffic back will take one and only one path, which probably won't work. You have to consider the path that inbound packets take from outside to inside servers and then back out the pix to the source.

You would be much better off implementing the multihomed routing on a separate platform, such as a 26xx or 3xxx series router. Additionally, you will have a much easier time if you get an ASN and do BGP, rather than having 3 separate IP address blocks.

IOS software has the following features that the PIX does not, that make multihoming without BGP possible: policy based routing, NAT route-maps, and multiple default routes

Community Member

Re: Multiple ISP's connected to PIX

Thanks Jamison,

I already have looked at the option of NAT route-maps.

It would be great that if you could give me some referance to the other two options, ie; policy based routing and multiple default routes.

106
Views
0
Helpful
4
Replies
CreatePlease to create content