
PIX 515E supports basic static routing?

acceleratebiz
Level 1

Just want to make sure before telling a customer to purchase this firewall. Basically this customer uses about 15 subnets (over the course of a couple of years they have gradually grown, needing more and more IPs). But some of his servers, for various reasons, aren't on the same subnet as another server and so when transferring traffic it goes through to my router. My router contains it all in their VLAN, but appears to still count it as traffic for them. It's not so simple as it seems for them to change their servers' IPs, so they want to put a firewall in between their switch and my router that does basic static routing. That way the inter-subnet routing is handled by their firewall and my router only gets traffic destined for other networks. They are assured I'm not counting more traffic than they're really using and they get firewall protection.

So I would just assign the PIX a /30 like I would any customer's router and route their subnets to it. Nothing would change on the servers (a critical requirement). They would have the same public IPs and the same gateway. Although they might need to clear the ARP caches on their servers, as the gateway is now their firewall instead of my router.

Even better would be if the PIX 515E supported OSPF in this manner.

3 Replies

pkhatri
Level 11

Hi,

You are in luck. The PIX supports both static routing and OSPF.

Here's an example of how to add static routes:

route inside 192.168.1.0 255.255.255.0 192.168.0.2 1

Here's a link on how to configure OSPF on the PIX:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1112559

Hope that helps - pls rate the post if it does.

Paresh

This will help you, as the PIX 515 supports both OSPF and static routing.

CK-NET

Thanks for your responses, Paresh and CK. Looks great, but I just want to be very clear so I don't steer my customer in the wrong direction. I don't need routing on the inside interface. The servers behind the firewall will have publicly accessible IP addresses. No NAT/PAT involved whatsoever. The firewall will be the gateway (also a publicly accessible IP as the last usable IP in the same subnet of each server's main IP). The firewall will then act as a router and simply route all packets to my router.

So in essence, the firewall will at least provide the exact same functionality as a very simple router.
