Re: One PIX 535 and two external ISP connections??

ewieczorek · ‎01-19-2005

Our organization just acquired a second external ISP connection in an effort to improve our connection to the internet.

I have one PIX 535 protecting my internal network.

I would like to send all port 80 traffic out ISP connection #1 and everything else out ISP connection #2.

Can I do this at the PIX? Or do I have to buy another PIX and perform this type of action at my core router?

Thanks!

msdesai · ‎01-19-2005

Hi

You don't need to do anything on pix.You can do this at your Internet router using policy based routing--- using route-map & access-list...

If you can post the your config for Internet router, I can add the respective lines to that configuration...

Regards,

MD

ewieczorek · ‎01-20-2005

Thanks for your reply! I apologize for my delayed response.

I don't have access to the Internet router that sits "outside" my firewall. That is controlled by our local telco.

Does that limit my options?

minoc · ‎01-20-2005

Hello,

Then you will need to work with your provider to request this or replace the telco router with your own equipment.

Is the second ISP line from the same telco?.

Carlos Roque

ewieczorek · ‎01-20-2005

Yes, it is the same telco. In fact, they installed a second router with this second line they installed.

I'll get with them and see what they can do for me.

Thanks.

minoc · ‎01-21-2005

I would reccomend you to request them the use of gateway Load Balacing Protocol on both routers. That way you can get load balancing towards the Internet.

The routers will need to run at least version 12.2 IOS.

Regards,

Carlos Roque

Office Of Management and Budget