Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
2
Replies

ip redirect with PIX

jrhofman
Level 1
Level 1

‎08-31-2004 07:10 AM - edited ‎02-20-2020 11:36 PM

anyone know if you can have a pix do an IP redirect to a host. I had a situation where hosts have a default to the pix on an inside interface and then the pix had a route to the destination via a router on the same inside interface. This breaks down the 3 way handshake since the SYN Ack from the destination never gets sent back throughthe PIX. It just goes directly to the source host on the same subnet.

0 Helpful
2 Replies 2

scoclayton
Level 7
Level 7

‎08-31-2004 08:06 AM

Nope. The PIX will not work in this design as you want it to. In order for the PIX to pass packets, the ingress and egress interfaces must be different interfaces. In other words, it must be received on one interface and be placed on the send buffer of another interface in order to pass. This behavior is expected and is part of the Adaptive Security Algorithm (ASA) on the PIX.

Your only real option in this case is to change the DG to the router on the inside segment and add a default route on the router pointing back to the PIX.

Hope this helps.

Scott

0 Helpful

jrhofman
Level 1
Level 1
In response to scoclayton

‎08-31-2004 11:31 AM

Thanks, That's what I did to fix it but was just curious if I was missing anything in the FW.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card