Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1227
Views
0
Helpful
1
Replies

2 PIX's to 2 BGP routers in 2 different locations on a routed LAN?

mpfaeffle
Level 1
Level 1

‎12-14-2001 08:02 AM - edited ‎02-20-2020 09:56 PM

This seems like it SHOULD be a simple thing to do. Maybe I'm missing something obvious. After 9/11 we were forced to install another Internet access point at another location outside NYC. We basically duplicated what we had in NYC: Pix firewall on our local lan with a BGP router on the outside. Now that our downtown NYC location is back up again, I want to utilize both potential paths to the internet for redundancy and load. However, on the inside we run EIGRP (each of our 6 buildings have a private /24 and are connected by multiple routes for redundancy). Any ideas on a best solution? Split the EIGRP group maybe? How do I maintain a single set of statics for my web, DNS, and mail server?

0 Helpful
1 Reply 1

rrbleeker
Level 1
Level 1

‎12-17-2001 04:37 PM

I don't think it is as simple as it might look at first sight. Don't forget that the pixes are stateful, which mandates that return traffic need to use the same path as the oringinal traffic. Also, you also require the two BGP router to communicate, and to be able to forward packets if the other BGP router has a better path. This is definately a situation for a lab environment. I don't think it is impossible, but definately not easy.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card