Our LAN 192.168.168.0/24 with a PIX515 as gateway (192.168.168.254)
Other gateway in our LAN (192.168.168.201) with tunnels with the Intranet of one of our branch office (Branch office LAN : 172.16.0.0/24).
Description of the problem :
We have a PIX515 which is the gateway of our private LAN. I installed an other gateway in our LAN just used to access remote LAN of some of our branch offices in order to decrease the charge of our PIX515.
My problem is that the PC in my LAN should have the other gateway as default gateway when they want to access the remote Intranet of our Branch office. if I do this, it works (the tunnel connection)
However I need to keep the PIX 515 as default gateway, that's why I added a static route in the inside interface of our PIX which says that the 172.16.0.0/24 is accessible via the other gateway (192.168.168.201).
When I am connected on the PIX, I can without any problem access to these remote LAN but when I am on a PC from our LAN I cannot, even if my default gateway is the PIX515.
For example, when I am on the PIX and if I make a "ping 172.16.0.1", it works
When I am on a PC (192.168.168.199 for example) which default gateway is the PIX (192.168.168.254) and which public default route is "0.0.0.0 mask 0.0.0.0 via 192.168.168.254", it fails !
I make a "tracert 172.16.0.1" command to see where the packets are lost and that's the PIX which doesn't forward the packets to the other Gateway !
What's happens? why the PIX515 doesn't forward the packets as a single router ?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...