Is there any way that I can use my RIP learned route from my outside interface and proagate that default route out my inside interface? The inside default command will just send a default route to my inside router even if the PIX does not have a default route. My goal is to have the router on the inside of the PIX get a dynamic default route and then have that route go away when my router on the outside interface of the PIX goes away.
The only other way I know would be to use BGP but, I would rather not go there since I do not have an AS and I do not have control of the outside routers.
Thanks for yor reply but, I should be able to use a private AS # between Ethernets on the outside internet router and inside router. I can put a static route with my serial interface on the internet router and redistribute the static into BGP and send that through the PIX (port 179), NAT on the PIX and then put a static route to my public address on the inside router. This should at least eliminate the need for a public AS.
"Both the inside and perimeter networks are protected with the PIX Firewall's Adaptive Security Algorithm (ASA). The inside, perimeter, and outside interfaces can listen to RIP routing updates, and all interfaces can broadcast a RIP default route if required."
Also from the same reference:
"RIP Version 2
Routing Information Protocol (RIP) version 2 provides MD5 authentication of encryption keys. The PIX Firewall only listens in passive mode and/or broadcasts a default route. The PIX Firewall supports Cisco IOS software standards, which conform to RFC 1058, RFC 1388, and RFC 2082 of RIPv2 with text and keyed MD5 authentication. The PIX Firewall supports one key and key ID per interface. While the key has an infinite lifetime, for best security, you should change the key every two weeks or sooner."
Each inside or perimeter PIX Firewall interface is configurable for route and Routing Information Protocol (RIP) information. To determine what route information is required, consider what routers are in use in your network and are adjacent to the planned installation point of the PIX Firewall.
Specifying a route tells the PIX Firewall where to send information that is forwarded on a specific interface and destined for a particular network address. You can specify more than one route per interface, which lets you control where to send network traffic. Refer to the routecommand page in the Cisco PIX FirewallCommand Referencefor more information.
The PIX Firewall learns where everything is on the network by "passively" listening for RIP network traffic. When the PIX Firewall interface receives RIP traffic, the PIX Firewall updates its routing tables. You can also configure the PIX Firewall to broadcast an inside or perimeter interface as a "default" route. Broadcasting an interface as a default route is useful if you want all network traffic on that interface to go out through that interface. Refer to the ripcommand page in the Cisco PIX FirewallCommand Referencefor configuration information."
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :