Hi, actually i have this scenario:pix 515e version 6.2(2) with on board

6 interfaces but now configure with 3 interfaces (in this mode):

INTERNET ROUTER (ETH 172.17.10.1)

I

I

I

I(OUTSIDE - 172.17.10.2)

PIX -INTF2--.2--------------(172.17.12.0/29)--------.3(PARTNER)

INSIDE (172.17.8.1/23)

I

I

I

I

MY LAN

then 3 interfaces configuration without NAT.

there are the static routes:

route outside 0.0.0.0 0.0.0.0 172.17.10.1 1 route intf2 192.168.54.209 255.255.255.255 172.17.12.3 1 route intf2 192.168.129.0 255.255.255.0 172.17.12.3 1 route intf2 192.168.131.0 255.255.255.0 172.17.12.3 1 route intf2 192.168.134.0 255.255.255.0 172.17.12.3 1

traffic outcomes from my default gateway coming out from 172.17.10.1, traffic out/in from /to network 192.168.x.x/16 is forwarded from intf2 this scenario works well.

but tomorrow i must add new two routers on 2 new interfaces and i would have this new scenario:

ISP ROUTER (.3 ) ISP ROUTER (.1)

\ I

172.17.14.0/30 \ I 172.17.10.0/30

\ I

INTF3(.2) \ I(OUTSIDE - .2)

(PARTNER)(.3)(172.17.13.0/29)INTF5(.2)PIX-INTF2(.2)(172.17.12.0/29)(.3)(PARTNER)

INSIDE (172.17.8.1/23)

I

I

I

I

I

MY LAN

and this would have to be future situation:

the traffic that outcomes from 172.17.8.1/25 coming out from

172.17.10.1

the traffic that outcomes from 172.17.8.128/25 coming out from a new interface 172.17.14.3 except traffic out/in from 192.168.0.0/16 coming out from 172.17.12.3 traffic that outcomes from 172.17.9.1/25 coming out from interface

172.17.14.3 except traffic out/in 192.168.0.0/16 coming out from

172.17.13.3

traffic outcomes from 172.17.9.128/25 coming out from 172.17.10.1

is it possible this scenario?

can you help me with this configuration?obbligatory i use NAT?

sorry for my bad english...

thanks in advance

Matt