Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
266
Views
0
Helpful
2
Replies

Two ISP routers

ssumrein
Level 1
Level 1

‎02-18-2004 06:48 AM - edited ‎03-09-2019 06:28 AM

Hello there,

I have PIX 515 with 8 ports installed, I’ve already used 5 ports for DMZ configurations. I have an ISP router that connect the outside interface of the PIX. Everything works fine. I’m planning on adding additional ISP router dedicated to creating a VPN tunnel with a vendor. I don’t want to use the existing ISP router that the users use to browse the Internet. The new ISP router will be configured with 3 T1 lines. I will be terminating the tunnel on the VPN 3000 concentrator. The question is, There is only one outside interface on the PIX. The question is how do configure the PIX so it is a ware of the new ISP router. Do I use one of the remaining ports as an outside interface? I’m not really sure how to go about that,

Thanks.

Labels:
0 Helpful
2 Replies 2

peangvall
Level 1
Level 1

‎02-18-2004 09:13 AM

Use one of the other ports, but it won't be another "outside". There can only be one outside. Just setup another port as another dmz and use a static route. So if the remote vpn is 172.16.1.1 (for example), so a static route on the PIX of "ip route DMZVPN 172.16.1.1 255.255.255.255 x.x.x.x" where x.x.x.x is the IP of the new ISP router. You won't be able to do another default route, but you can statically route to the IP you need.

0 Helpful

ssumrein
Level 1
Level 1
In response to peangvall

‎02-18-2004 11:17 AM

Sounds great !!!!

Thank you very much !!!

0 Helpful
Customers Also Viewed These Support Documents