Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

static route on cisco pix 515e

Hi all. I have a cisco pix 515e where the internal ip is 192.168.1.254 and dmz ip is 192.168.2.254. I have a router which connects 192.168.1.0/24 subnet with the ip 192.168.1.253 and connects to 192.168.3.0/24 subnet. There is a server on my dmz with the ip 192.168.2.x that i want it to connect to another server in 192.168.3.0/24 subnet. Hence i would like to add a static route on my pix as below.

route 192.168.3.0 255.255.255.0 192.168.1.253

I understand that the ciscopix 515e with version 6.x cannot do hairpinning which is routing using the same interface. Hence for this scenario(which is not hairpinning) will the server in dmz be able to access the server 192.168.3.x after i add the above static route? Thks in advance.

3 REPLIES

Re: static route on cisco pix 515e

route inside 192.168.3.0 255.255.255.0 192.168.1.253

and u need a route on the router aswel

like

ip route 192.168.2.0 255.255.255.0 192.168.254

and u need the following acl on the pix

access-list 100 permit ip 192.168.3.0 255.255.255.0 192.168.3.0 255.255.255.0

access-group 100 ininterface dmz

good luck

please, if helpful rate

New Member

Re: static route on cisco pix 515e

Hi Marwanshawi,

Thks for the advise. I forgot abt the return path, thk u for highlighting it to me. Basically i post this question because my boss says adding static routes to firewall is not possible. However i feel that as long as its not hairpinning, static routes added to the firewall would work.

Re: static route on cisco pix 515e

based on ur config workes for sure

good luck

please, if helpful rate

2739
Views
0
Helpful
3
Replies
CreatePlease to create content