12-29-2006 10:23 AM - edited 03-11-2019 02:13 AM
I know this should be a very easy solution, but I have yet to solve how to route between the two interfaces. Meaning subnetA currently cannot connect to subnetB. I think that it is just a route issue, but I do not know. Please help.
12-29-2006 01:23 PM
It probably has to do with the security levels or access-list. Post your config and a small diagram.
01-01-2007 08:42 PM
PIX devices technically don't route between interfaces. To move traffic from one interface to another you must have a NAT translation set up between interfaces.
If you don't want to NAT to a different address range, you can NAT to the same addresses (like NATting from 192.168.1.0/24 to 192.168.1.0/24), but it does not act like a router and move traffic from interface to interface based on routing rules.
If you look at PIX config examples, you will see the NAT statements in the examples.
This is in addition to the issue of traffic being automatically permitted from a higher security # interface to a lower interface, but needing ACLs to permit traffic to originate at a lower security value interface to a higher security value interface.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide