06-01-2006 01:34 AM - edited 03-09-2019 03:06 PM
Hi, I am following a Cisco course, and these days I am carrying out an internship in a company. I would like to ask for a suggestion on a case study.
It has been asked to evaluate the possibility of separating the outbound traffic on a PIX 520 6.2(2) firewall based on source IP address.
In other words, the firewall has 6 interfaces:
ethernet0 --> outside1 (it goes to the Internet through ISP_1)
ethernet1 --> inside
ethernet2 --> dmz1
ethernet3 --> outside2 (it goes to the Internet through ISP_2)
ethernet4 --> dmz2
ethernet5 --> dmz3
outside1 is connected to router1
outside2 is connected to router2
I would like to direct the traffic of dmz1 and dmz2 to the outside1 interface and the traffic of dmz3 to the outside2 interface.
I had thought of using outbound access lists on the outside1 and outside2 interfaces, but on the firewall the access lists are applied to traffic inbound to an interface. Would you have any suggestions?
Thanks and Regards
Paolo
06-01-2006 07:37 AM
It sounds like what you are trying to do is source route using the PIX. The PIX can only do destination routing.
In this case, I would put all of your outbound traffic through a single outside interface on the PIX to a router, then source route from that router to the 2 ISP routers.
Hope that helps.
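A sketch of the source-based routing suggested above, as Cisco IOS policy routing on the intermediate router. This is an added example, not part of the original posts. The addresses, interface numbers and the route-map name are constructed for illustration, and it assumes the PIX translates dmz1/dmz2 and dmz3 into different global ranges so that the router can still tell the sources apart.

```cisco
! Added example: constructed addresses (documentation ranges) and
! hypothetical interface and route-map names.
! Assumption: the PIX translates dmz1/dmz2 into 198.51.100.0/24 (ISP_1 space)
! and dmz3 into 203.0.113.0/24 (ISP_2 space). If every DMZ were translated
! to one shared address, the router could not match on source.
access-list 101 permit ip 198.51.100.0 0.0.0.255 any
access-list 102 permit ip 203.0.113.0 0.0.0.255 any
!
route-map SPLIT-BY-SOURCE permit 10
 match ip address 101
 set ip next-hop 10.255.1.2
route-map SPLIT-BY-SOURCE permit 20
 match ip address 102
 set ip next-hop 10.255.2.2
!
! Policy routing is applied where packets arrive from the PIX.
interface FastEthernet0/0
 description To PIX outside interface
 ip address 10.255.0.1 255.255.255.252
 ip policy route-map SPLIT-BY-SOURCE
!
interface FastEthernet0/1
 description To router1 (ISP_1)
 ip address 10.255.1.1 255.255.255.252
!
interface FastEthernet1/0
 description To router2 (ISP_2)
 ip address 10.255.2.1 255.255.255.252
!
! Return traffic for both translated ranges goes back to the PIX.
ip route 198.51.100.0 255.255.255.0 10.255.0.2
ip route 203.0.113.0 255.255.255.0 10.255.0.2
!
! Packets matching neither ACL fall through to normal destination routing.
ip route 0.0.0.0 0.0.0.0 10.255.1.2
```

Each translated range has to be address space that the corresponding ISP routes back, otherwise replies return through the other provider or are dropped.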
06-08-2006 12:08 AM
Thanks for your suggestion.
Paolo