Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Routing through the PIX

i have an interface on one of my dmz interfaces with ip address 172.27.127.1/24 to a LAN with networks 172.27.127.0/24 and 172.27.124.0/24...how do i reach the 172.27.124 network through this interface through the PIX dmz int ,can it accept a secondary ip ?

6 REPLIES

Re: Routing through the PIX

Hi .. Are you able to reach 172.27.124.X network from a device located on the 172.27.127.X segment ..? If you can can you send the tracert output ..

Community Member

Re: Routing through the PIX

yes i can there is another linux box with ip 172.27.127.6 that does the routing....

Community Member

Re: Routing through the PIX

have you tried adding static routes on the pix?

Re: Routing through the PIX

It is not possible to have secondary addresses in a PIX.

The only solution I can think for this, is to have another device (can be a router with secondary ip address) to do the routing between the two networks for the PIX to the machines in the network 172.27.124.0/24 and the reverse path.

Although I would prefer to have only an IP address, I can't think any need for having two networks

Silver

Re: Routing through the PIX

To accomplish this, you will need a router on the DMZ network with a route to the 172.27.124.0 network. In addition, you need to add a route on the firewall that points to the router's IP when going to that subnet. (ex: route dmz 172.27.124.0 255.255.255.0 172.27.127.50)

Thanks.

Re: Routing through the PIX

Your other option is to add vlans to this DMZ network and assign the different IP hosts to the corresponding vlans. Then configure the DMZ interface as a Trunk and the switchport from an access port to a trunk. Assign the secondary you wanted to the new VLAN interface on the PIX. Assign the original PIX interface IP to the 2nd vlan on the PIX. Setup ACLs and translations to allow routing to these networks. VLANs were available as of 6.3 I believe, but check the release notes of your version to be sure.

Please rate any helpful posts

Thanks

Fred

124
Views
0
Helpful
6
Replies
CreatePlease to create content