
Need to know about routing entry which is configured in Pix Firewall

ray_stone
Level 1

Suppose a router is installed inside the security zone of a PIX firewall and the PIX is connected directly to the router. The IP address of one point of the router is (e0) 192.168.10.1, the firewall IP is (inside) 192.168.10.2, and the router IP is (e1) 10.0.0.1. The route set on the router is 0.0.0.0 0.0.0.0 192.168.10.2 (with this command all traffic from the 10.0.0.0 network will go through 192.168.10.2), and the route command set in the PIX is 0.0.0.0 0.0.0.0 {outside IP Address (Whatever)} because all inside traffic will pass from the outside interface. I understand all of the above configuration, but my question is why we need to create the route command in the PIX firewall (10.0.0.0 255.255.255.0 192.168.10.1). I am not able to understand the use of this command. Please e-mail me at vgupta@voxiva.com

Thanks Vinay Gupta.


cdusio
Level 4

That command tells the firewall how to reach the 10 network. If you don't have it, the firewall won't know where to send return traffic.

OK, thanks sir. If I add one other router behind the inside router, I mean the firewall is connected to a router and that router is also connected to another router, does it require any other command on the firewall for the newly added router?

Can anyone reply to me?

You will need to have

NEW ROUTER'S NETWORK 255.255.255.0 192.168.10.1

You have to point the network of your new router towards the old router's e0, and your old router must have proper routing configured to reach the new router's network.

Rate if it helps.

Ray, if you are connecting a second router, the same principle applies as for the first router's PIX/ASA static route entry. You indicated you already have one router connected to the inside under the 192.168.10.0/24 network with IP 192.168.10.1. For the sake of example, say the IP of the second router that you are connecting to the ASA on the inside is 192.168.10.5 and that router advertises another network, e.g. 20.20.20.0; then you need to tell the PIX/ASA how to reach the 20.20.20.0 net.

route entry should be:

route inside 20.20.20.0 255.255.255.0 192.168.10.5 1

Jorge Rodriguez
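
The routing decision the replies above describe, as an added example that is not part of the thread: a longest-prefix-match lookup over PIX-style `route` lines, showing that with only the default route the firewall forwards traffic for 10.0.0.0/24 and 20.20.20.0/24 toward the outside, and that the static routes send it to the inside routers. The outside next hop 203.0.113.1 and the test destinations are constructed placeholders, and the helper names are hypothetical.

```python
import ipaddress

# Constructed placeholder: the thread never gives the outside next hop.
OUTSIDE_GW = "203.0.113.1"

def parse_route(line):
    """Parse a PIX-style 'route <if> <net> <mask> <gateway> [metric]' line."""
    parts = line.split()
    if len(parts) < 5 or parts[0] != "route":
        raise ValueError(f"not a route line: {line!r}")
    iface, net, mask, gw = parts[1:5]
    return ipaddress.ip_network(f"{net}/{mask}"), iface, gw

def build_table(lines, connected):
    """Combine directly connected networks with the static routes."""
    table = [(ipaddress.ip_network(n), i, None) for n, i in connected]
    table += [parse_route(l) for l in lines]
    return table

def lookup(table, dst):
    """Longest-prefix match: return (interface, next_hop) for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None
    _net, iface, gw = max(matches, key=lambda r: r[0].prefixlen)
    return iface, gw or "directly connected"

# The firewall's inside interface 192.168.10.2 sits on this network.
CONNECTED = [("192.168.10.0/24", "inside")]
DEFAULT_ONLY = [f"route outside 0.0.0.0 0.0.0.0 {OUTSIDE_GW} 1"]
WITH_STATICS = DEFAULT_ONLY + [
    "route inside 10.0.0.0 255.255.255.0 192.168.10.1 1",
    "route inside 20.20.20.0 255.255.255.0 192.168.10.5 1",
]

if __name__ == "__main__":
    for name, routes in (("default only", DEFAULT_ONLY),
                         ("with statics", WITH_STATICS)):
        table = build_table(routes, CONNECTED)
        # Constructed destinations: two inside hosts, a router, an Internet host.
        for dst in ("10.0.0.25", "20.20.20.7", "192.168.10.1", "198.51.100.9"):
            print(f"{name:13} {dst:13} -> {lookup(table, dst)}")
```
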

It means that if a number of routers are added, then every time a new route command is needed to tell the PIX how to reach the newly added network. But there is one point of confusion here: does it require this kind of command on the public router, where we put only a default route and don't put any command for return traffic as we do for the PIX?

Can anyone reply?