PIX 515 with 2 default gateways

j.khandia · ‎07-02-2003

I have a PIX 515 configured to an application service provider who host applications over a VPN connected back to my office.

Does the PIX 515 allow for a 3rd ethernet interface to be added for an ISP which would then allow me to have 2 outbound routes one for the ASP and one for the ISP

My aim is to have traffic routed for the ASP to go down one private circuit and traffic for internet access to be routed down a second private circuit for ISP traffic.

mhoda · ‎07-02-2003

Hi,

Yes, it is possible. If you know the networks of your ASP then yes its possible. What you can do is create static routes of your ASP and route these thru the new 3rd interface and then create the default gateway going thru the other interface.

Regards,

Mynul

j.khandia · ‎07-07-2003

Hi Mynul,

Many thanks for your prompt reply. I have ordered a third ethernet interface for the PIX and will give it a try as soon as it arrives.

Kind Regards

Jamal

j.khandia · ‎07-23-2003

Hi Mynul,

As per my previous posting I have added the 3rd interface to the PIX and I need to route ISP traffic down one connection and VPN traffic down another to my ASP. I have entered the configuration however I cannot get internet traffic connectivity.

Can you give me any guidance.

I am trying to send ISP traffic down one connection and ASP VPN traffic down a second seperate connection using a PIX 515 with 1 inside interface and 2 external interfaces.

gparrish · ‎07-23-2003

You should have an ACL defined for the VPN traffic so it is not NATd. Make sure you have NAT setup for the other traffic and the correct routes. Send your config and be sure the inside, ISP and ASP interface are identifiable.

Greg