Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Pix 506e Routing

Hi,

I wanted to make sure that is it posible for pix506e to do the routing, i.e can I use only Pix 506e at office with the 1 static route to internet and other is though ethernet cable to another network directly connected...

4 REPLIES
Bronze

Re: Pix 506e Routing

If by routing you mean direct data to a proper subnet via routes than yes. Dynamically routing on a PIX is available using OSPF... or you can simply just build static routes onto the PIX. Hope this helps.

-Mike

http://cs-mars.blogspot.com

New Member

Re: Pix 506e Routing

Thanks for your reply.

What I wanted to do is Connect pix directly to the Internet and another connections to local network(Direct ethernet connection)...

Is this possible ??????

Re: Pix 506e Routing

Hi,

Yes. Outisde interface on the PIX connects to the Internet. Inside interface connects to your LAN.

Default (static) route on the PIX points to the next hop router via outside interface. If you have more than one subnet on your inside network, add static routes on the PIX for them to point to the next-hop router via the inside interface. Then configure all your access policies like NAT, access-list etc.

Here's a couple of links that you may find helpful and can answer most of your questions.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a0080091b17.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008008cd36.html

Good Luck!

Regards,

Sundar

Silver

Re: Pix 506e Routing

One thing to clarify you can't re-route packets using PIX. This is because the PIX does not allow traffic to come from and exit the same interface at the same time.

For example:

Inside Interface: 192.168.1.254

Outside Interface: 67.67.66.67

You have an internal router: 192.168.1.253 with different branches behind it such as subnet 192.168.10.0

Now you can do a static route on the pix such as

route (inside) 192.168.10.0 255.255.255.0 192.168.1.253

Scenario 1:

A packet comes from 192.168.10.x headed to the internet the PIX will be able to deal with it because the destination is a public address.

Scenario 2:

A packet comes from 192.168.1.x and headed to 192.168.10.x

If the packet reaches the PIX as above it will drop the packet because PIX does not allow a packet to enter and exit the same interface!

I hope you got my point,

Let me know if this helps and rate please,

132
Views
0
Helpful
4
Replies
CreatePlease to create content