Cisco Support Community
New Member

Pix failover issue with static routes and OSPF

I have an issue in that we have a pair of PIXes (version 6.3) and a router plugged into a switch. The firewalls are ours and the router is a customer's. We have static routes on the firewall to the customer's networks off their router; however, if the link from the customer router to the switch fails, I need the route on the firewall to drop off and go via an alternate path (OSPF is configured to do this). The problem I am facing is that because the firewalls plug into a switch, the interfaces remain UP UP even though the next hop (customer router) is no longer valid. If I can get the firewalls to see the route has disappeared and drop the static from the routing table, then my problem will be resolved. Any ideas???


New Member

Re: Pix failover issue with static routes and OSPF

I have had problems running OSPF on anything other than the inside with 6.3(x) PIX code. But you could try this.

Use a L3 switch running OSPF. On the L3 switch create a static route for the customer that points to the interface they are connected to (will need to be a L3 interface rather than a L2 interface) and redistribute that route into OSPF.

Run OSPF on the PIX interface that connects to the switch and peer with the L3 switch. When the router goes down the switch will remove the customer route from the routing table.

You can do this x2 with the backup route advertised at a higher metric so it will only enter the routing table when the primary route goes down.
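A configuration sketch of the approach described in the reply above, added here as an illustration and not posted by either participant. All interface names, VLAN numbers, OSPF process IDs, metrics and addresses (RFC 5737 documentation ranges) are assumptions.

```cisco
! ---- Primary L3 switch (IOS), constructed values ----
ip routing
!
interface GigabitEthernet0/1
 description Routed (L3) link to the customer router
 no switchport
 ip address 198.51.100.1 255.255.255.252
!
interface Vlan10
 description Segment shared with the PIX pair
 ip address 192.0.2.1 255.255.255.0
!
! Static route tied to the routed interface: it leaves the routing
! table when Gi0/1 goes down, which also withdraws it from OSPF.
ip route 203.0.113.0 255.255.255.0 GigabitEthernet0/1 198.51.100.2
!
router ospf 1
 network 192.0.2.0 0.0.0.255 area 0
 redistribute static subnets metric 10
!
! ---- Backup L3 switch: same pattern toward the alternate path, ----
! ---- advertised with a higher metric so it is used only when   ----
! ---- the primary route has been withdrawn.                     ----
! router ospf 1
!  network 192.0.2.0 0.0.0.255 area 0
!  redistribute static subnets metric 100
!
: ---- PIX 6.3 side (uses a netmask, not a wildcard mask) ----
: The customer network is learned through OSPF here; a static route
: for the same prefix on the PIX would take precedence over it.
router ospf 1
 network 192.0.2.0 255.255.255.0 area 0
```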

