Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
2
Replies

Multiple Outside Interfaces

dhorsey
Level 1
Level 1

‎02-12-2002 12:25 PM - edited ‎03-08-2019 09:48 PM

Just trying to figure out if this scenario will work.

I would like to setup two ouside interfaces and two DMZ's on my pix firewall. ie. each outside interface will be attached to different routers connected to the Internet.

Traffic will not need to be routed between the two networks. ie outside interface 1 will send traffic to dmz1 and outside interface 2 will send traffic to dmz 2

If this will work, how do I setup the route command?

Would this work?

route outside1 "dmz1 ip's" "dmz1 subnet" "router1 ip" 1

route outside2 "dmz2 ip's" "dmz2 subnet" "router2 ip" 1

Thanks for the help!

Dave

Labels:
0 Helpful
2 Replies 2

rrbleeker
Level 1
Level 1

‎02-13-2002 10:03 AM

No, this will not work. The PIX looks at the destination IP address to determine where to send a packet to and not the next-hop address. If you send traffic from an DMZ interface to an destination on the Internet, the pix will use its default gateway, unless you have a static route for that destination.

0 Helpful

ajd
Level 1
Level 1
In response to rrbleeker

‎02-17-2002 06:39 PM

Look in the Cisco Press book, Managing Cisco Network Security, there are multiple instances of dual 'provider' networks with no default route.

Also, look into Policy Based Routing/Route Maps and perhaps looking again at your topology.

-ne1secure?

0 Helpful
Customers Also Viewed These Support Documents