Multiple Pix

t.mazyck · ‎05-27-2003

I have two pair of Pix 535's, because I ran out of DMZ (10) on one of them. Now that I have the eleven dmz, how should I configure the two 535 to route between dmz 1-10 and 11-20.

mhoda · ‎05-27-2003

Hi,

Can you let us know how those 2 pixes are connected with each other ? Thanks,

Mynul

t.mazyck · ‎05-27-2003

No... I have two firewall A and B ... Both have DMZ attached to each of them and I would like to be able to connect Firewall A DMZs to Firewall B DMZs. How should I do this ... (cross over cable between A and B, Shared DMZ segement, Firewall C with a connection between both, or use a Router between both)... What is the preferred method ... (will they all work ?)

mhoda · ‎05-27-2003

Hi,

If the requirement is only that dmzs on both PIXes should be able to communicate with each other, then connect 2 PIXes dmz interfaces with a cross over cable and then with the help of static or dynamic routing protocol, make your dmzs net available with each other . So, the answer is yes, it is possible.

If you have any other question, plesae let us know. Thanks,

Mynul

ywadhavk · ‎05-27-2003

Need to understand your network topology for any indications on how to route. The main obstacle would be putting in place a proper network addressing scheme. You could look into the OSPF implementation feature in 6.3 version for gettng some routing going on in the PIX.

Other than that, static routes are the only way and this is where the proper network addressing scheme comes into play.

This is the only thing I can guess based on the broad question.

Thanks.

Yatin