PIX 515-E Configuration for two (or more) outside networks
Would like to know if anyone has tried to setup a PIX with more than one outside (ISP) interface. Is it possible to setup a PIX 515-E with 6 fast ethernet interfaces where 4 intrfaces are used for inside and DMZ networks (private IP addressing) and the other 2 interfaces are used to connect via separate routers (and the associated separate public IP addressed networks.. possibly separate ISPs or at least separate routing structure to each of the PIX's external interfaces)???
Re: PIX 515-E Configuration for two (or more) outside networks
I am not sure if this is true, but I would think by nature of the pix that there can only be ONE outside since it has the lowest security rating. Everything else is considered inside to that interface. I would guess that if you had users on lets say DMZ3 that group could be routed to the second ISP. You would give that interface a Nat and a Global command and route there traffic. So I guess what I am saying is yes I think that is possible. If you happen to do this I would love to know if it worked.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...