fw routing issue

dragec · ‎04-09-2008

hi I have following fw routing issue on pix 7 fw

route int2 x.x.x.5 255.255.255.255 gtw2 1

route int1 x.x.x.0 255.255.128.0 gtw1 2

I want traffic to x.x.x.5 goes over int2, but no metter what I do, traffic goes over int1. How to solve this?

Alan Huseyin Kayahan · ‎04-09-2008

Hi Dragan

I think issue is about your NAT statements. Please post attach your config, specify desired dest IPs.

Regards

dragec · ‎04-09-2008

static (int1,inside) x.x.x.0 x.x.x.0 netmask 255.255.128.0

static (int2,inside) x.x.x.5 x.x.x.5 netmask 255.255.255.255

Alan Huseyin Kayahan · ‎04-10-2008

Dragan,

Try this

static (inside,int1) x.x.x.0 x.x.x.0 netmask 255.255.128.0

static (inside,int2) x.x.x.5 x.x.x.5 netmask 255.255.255.255

If doesnt work, something else in your config might be preventing. Please post your sanitized config if doesnt work.

dragec · ‎04-11-2008

:-)) why would I do that? x.x.x.0 is behind int1 interface and x.x.x.5 is behind int2 interface.

Alan Huseyin Kayahan · ‎04-11-2008

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.2cc02936/0#selected_message

manjula.dealwis · ‎04-11-2008

Hey Guys,

Dont you need to put nat as "static(High security int,Low securiy Int)Low securityIP,HighsecurityIP netmask 255X3" in security levels when it come to static Natting.

This is just a thought.