Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

One PIX to be connected to two different ISPs

We have two leased lines from two different ISPs getting terminated on two different routers which are connected to a single switch. We would like to put one PIX firewall between the inside nework and this switch. Questions are: Can we assign two IP addresses to outside interface? If not, can we put additional interface in PIX and assign security level near to outside security level, i.e. say 1? What could be the configuration changes to keep in mind while implementin this security level idea?

Also let us know any other ideas/suggestions.

Thank you all in advance.

1 REPLY
New Member

Re: One PIX to be connected to two different ISPs

Hi,

I guess we talk about a situatipon where the 2 ISP does not do BGP, so you have 2 different public ip address ranges on the PIX outside.

Unfortunatelly there is no way to configure 2 IP addresses on the PIX outside interface.

The second one seems correct at first glance (putting additional interface in PIX ), but unfotrunatelly the PIX does not support 2 default route definitions. You would need the config lines:

ip route 0.0.0.0 0.0.0.0 GW_1

ip route 0.0.0.0 0.0.0.0 GW_2

,but just one will work. You should install a new router between the PIX and the ISP routers.

Bests,

Attila Suba

106
Views
0
Helpful
1
Replies
CreatePlease to create content