Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
12
Helpful
7
Replies

Multiple ISPs with 1 PIX ????

nevenvision
Level 1
Level 1

‎10-18-2005 11:26 AM - edited ‎02-21-2020 12:28 AM

Hello Everyone,

We have two PIX 515 in a failover configuration at a data center and everything works great!

I would like to purchase an additional PIX 515 UR for Our office LAN. But before I do I need to know if it is possible to configure the PIX to do the following. We have both a T1 and high speed DSL connection at our office. I would like the PIX to be able to choose which one to use based upon wether they are up or not.

ie, if the T1 goes down or gets very slow I would like the PIX to then route traffic out the DSL interface and until the T1 is back to optimal. Is this a possibility with a PIX 515 with the max 6 interfaces? Or do i need to get a different device?

0 Helpful
7 Replies 7

bigchoice75
Level 1
Level 1

‎10-18-2005 11:59 AM

The pix does not have this ability. Your best bet is to put a router in front of each isp then run hsrp on the internal side of routers and point the pix default route toward the hsrp address.

Patrick Iseli
Level 7
Level 7
In response to bigchoice75

‎10-18-2005 12:23 PM

YES and NO, you can setup another default route with a higher metric but the PIX will never detect that one ISP links is down if the router is still physicly up or the ISP has problems.

To link multiple ISP automaticly without manual config change you need a Link Loadbalancer.

examples:

- F5 LinkController

- Radware

- Elfiq LinkController - Alize

http://www.victrix.ca/elfiq/elfiq_alize_flyer_v1_14_en.pdf

http://www.victrix.ca/elfiq/elfiq_alize_product_guide_1_0_en.pdf

sincerely

Patrick

mgaysek
Level 1
Level 1

‎10-19-2005 03:51 AM

You can achieve your goal by putting a router in front ofthe pix using wieghted static routes. I am not sure if this is possible in 7.x on a pix.

Patrick Iseli
Level 7
Level 7
In response to mgaysek

‎10-19-2005 04:12 AM

How do you want to detect that the link went down after 3 or 4 Hops ?

BGP on both ISP would be also a possibility, but good luck to get that setup from your ISP.

sincerely

Patrick

jackko
Level 7
Level 7
In response to Patrick Iseli

‎10-19-2005 05:53 AM

there is a feature named saa/rtr avaliable on router, which enable tracking along the path from local router to the remote router.

unfortunately, pix has no such feature. i guess a router will need to be deployed.

0 Helpful

yvasanthk
Level 1
Level 1
In response to jackko

‎10-22-2005 09:31 AM

A related question..Does PIX or FWSM allow multiple static default routes? If so, can it do per-destination load balancing?

Thanks.

0 Helpful

jackko
Level 7
Level 7
In response to yvasanthk

‎10-22-2005 05:57 PM

i do think pix does auto load balancing.

however, the pix will not be able to determine whether the next hop internet link is avaliable or not.

e.g. a dsl router will be deployed in front of the pix. such as www <--> dsl router <--> pix.

since the dsl router and the pix are directly connected, so pix outside interface will always stay up regardless the dsl internet link availability. in other words, pix will keep forwarding packet to both next hops regardless the internet link availability. you can't really rely on pix to handle the routing.

an alternative is to setup the routing on one of the routers. e.g. pix has the t1 router as the default gateway, then it's up to t1 router to re-route packet to the dsl router as ios has feature to determine the internet link availability (e.g. saa, rtr).

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card