Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
828
Views
0
Helpful
3
Replies

Multiple IPs at PIX outseide interface

nkariyawasam
Level 1
Level 1

‎09-08-2002 11:51 PM - edited ‎02-20-2020 10:14 PM

I am trying to terminate two ISP connections at local router at the outside interface of the PIX firewall.

As I have to assign two IP addresses from each one of the ISP to the router LAN inteface and PIX outside interface, therefore I have to assign two real IP's from each ISP to PIX outside interface.

Does PIX support multiple IP's on a single interface ?

If not what is the alternate solution ?

0 Helpful
3 Replies 3

jamiesachs
Level 1
Level 1

‎09-09-2002 04:51 AM

I'm doing the same thing because we are using BGP between our two ISPs. I don't believe the PIX supports multiple IPs on a single interface. You'll be routing two seperate subnets and only one will be part of the subnet that the outside interface of the PIX is part of. For the other subnet you need to put a static route in the router that points to the outside PIX interface. Then within the PIX you'll route that subnet to the appropriate place on your network, like another router perhaps.

JS

0 Helpful

nkariyawasam
Level 1
Level 1
In response to jamiesachs

‎09-10-2002 07:11 PM

Dear jamiesachs ,

Thanks for the rpely. I think I can define it in the way you've suggested.

Since you are running BGP I would like to know more about the scenario since I am also interested in running BGP here.

1. What is the links speed you are running BGP and what is the available for you to do actual data trransfer ( the balance bandwidth)

2. Can I run BGP without having registered AS number ? ( If I do not need link redundancy )

0 Helpful

jamiesachs
Level 1
Level 1
In response to nkariyawasam

‎09-11-2002 04:14 AM

Both links are full T1s. We are not implementing any load balancing via software or hardware, although depending on the destination of the inbound packets, the ISPs make weighted determinations as to which path the data will flow. That's part of what the BGP protocol does. Our purpose was link redundancy. But unles you have completely seperate circuits coming into your facility from different directions or locations you're still pretty vulnerable to something like a cable cut.

No, you can't run BGP without an AS number because that's what identifies you with and to the peers. Also, the commands within the PIX specifically refer to your AN number and those of your peers. Your ISP should be able to help you with the registration and there's plenty of info at arin.net.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card