Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
976
Views
4
Helpful
2
Replies

Multiple Default Routes on PIX/ASA

NPT_2
Level 2
Level 2

‎06-24-2011 02:32 PM - edited ‎03-11-2019 01:50 PM

We have 2 separate ISP connections with 2 separate routers, during a recent router outage we found that our PIX firewall was not routing to the second default route that I have in the pix configuration.  Doing some searches on CCO, I have seen some documents that say that the PIX only supports one default gateway/route.  Is this still true, even in version 8 of the PIX software?  Is this still true in the newer ASA's?  Or will they support multiple default routes? 

I'm thinking I'm going to have to setup HSRP on my 7206 Internet routers so the PIX can use one gateway, but wanted to verify before I take the time to set this up. 

Labels:
0 Helpful
2 Replies 2

pablo.nxh
Level 3
Level 3

‎06-24-2011 02:37 PM

Hi NPT,

PIX does support dual default route configuration... For the problem you mentioned you could use SLA tracking to proactively monitor your ISPs and failover if necessary:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

HTH

__ __

Pablo

NPT_2
Level 2
Level 2
In response to pablo.nxh

‎06-24-2011 03:04 PM

Thanks for the info.  I'll have to work out a config to track the IP addresses of my routers since the physical outside interface on the pix is not directly connected so I can't track based on physical interface but will have to do so based on ICMP.  It's too bad the Pix can't just use the standard router configuration of

ip route 0.0.0.0 0.0.0.0 1.1.1.1 10

and

ip route 0.0.0.0 0.0.0.0 1.1.1.2 20

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card