routing in pix 525

arturo.reyna · ‎06-30-2003

Hi, can somebody help me?

I have a PIX 525, In this firewall I have two routers to the same network "cliente", one of this router is in the outside interface, other is in a dmz interface.

I want to know how can i define routing or what can i do to use the router in dmz as a primary (I have a E1) and the router in outside as a backup (I have 384K) to get my network "cliente".

Currently I´m using one of this, but I need them to work as a backup automaticaly.

I hope you can help me.

Thank you.

hadbou · ‎07-07-2003

This is not possible, PIX does not route any traffic.

tvanginneken · ‎07-07-2003

Hi,

the PIX firewall only routes traffic that enters the PIX at one interface and exits the pix on another interface. So the pix does not allow traffic that enters at one interface and goes out on that same interface.

To configure routing on a pix use the 'route' command:

route if_name ip_address netmask gateway_ip [metric]

Example:

route outside 0.0.0.0 0.0.0.0 1.2.3.4 (this is the default route)

route inside 10.1.1.0 255.255.255.0 192.168.1.254

....

Kind Regards,

Tom

xh_liu · ‎07-11-2003

perhaps I have met the same question:

I define inside, dmz,outside port , and I use metric to archieve backup:

route outside 10.0.0.0 255.0.0.0 x.x.x.x( next-hop address) 20

route dmz 10.0.0.0 255.0.0.0 y.y.y.y(next-hop address) 40

20,40 is metric value

My mean is when outside port is down , traffic to 10.0.0.0 can route by dmz port, but in fact when outside is down , pix route traffic to outside port, why???

I think it is a pix ios bug, but I try 6.3(1), the question exist

who can help me ?

R/lxh