Re: pix and default routes

ajit.shah · ‎10-13-2005

We wish to have 2 default routes. One points to a gateway on the outside interface network. The other points to a gateway on another interface, but has a higher metric. If the first default route gateway is not accessible, we want the traffic to go to the gateway in the second default route. Is this possible in v6.3 or v7.x? Thanks for any help you can provide.

nkhawaja · ‎10-13-2005

you can try the "metric" option in the route statement,

e.g.

route outside 0.0.0.0 0.0.0.0 10.10.10.10 1

route dmz 0.0.0.0 0.0.0.0 11.11.11.11 2

see if that helps

jackko · ‎10-13-2005

just a quick comment.

pix hasn't got any feature that keeps tracking the path. in other words, the second route will only take over when the first default gateway (i.e. the router) gone down or the cable disconnected. whereas with router, it can track the entire path to the destination.

e.g.

pix <--> router1 <--> internet

pix <--> router2 <--> internet

with the topology above, since both routers are directly connected to the pix, so the interface will not go down unless the router fails or the someone plays with the cable. provding the pix interface will not go down, that means the second route will not work regardless the actual internet link availability.

one workaround is that to configure the route as well as the second route on the router, not on the pix.