Re: route-map on PIX 515E?

robdog01 · ‎12-16-2004

Hi everyone. I have a scenario where I would like to forward all smtp traffic out one gateway, 1.1.1.1 and all other traffic out gateway 1.1.1.2.

The PIX is connected to my internal network, 10.10.1.0 and there is a static nat translation for host 10.10.1.5 = 1.1.1.5. For all other 10.10.1.x hosts, data should route to the gateway 1.1.1.2

I would like for all traffic OUTBOUND from 10.10.1.5 to be routed to gateway 1.1.1.1

Currently, I have the following statement on my PIX:

route outside 0.0.0.0 0.0.0.0 1.1.1.2 1

Can I use route-maps to allow ONLY smtp traffic from Internal address 10.10.1.5 (static nat address of 1.1.1.5) to be forwarded to gateway 1.1.1.1?

Thank you.

thisisshanky · ‎12-16-2004

No, route-maps are available only on routers. Btw PIX is not a true router.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

robdog01 · ‎12-17-2004

I'm using 6.3(3) and the route-map commands are there and available. Also, the match commands are available.

If the pix is not designed to do it, I wonder why they provide those commands?

Does anyone have a recommendation as to how I should approach this?

Thanks!

JHaynes4 · ‎12-17-2004

The route-map commands are there for use in redistribution in regards to routing protocols. For instance I am using the route-map command to redistribute a connected interface into OSPF on the PIX.

g.rodegari · ‎12-22-2004

Hi,

route-map support was introduced, in 6.3 version, only for redistribution and filter list in OSPF routing process.

Policy routing is not supported at this moment, like other features (NBMA or point to point network, route load balancing, etc...) I think it'll could be in the next newer 7.0 version.

Regads,

G.

robdog01 · ‎12-22-2004

Could I put a router between the firewall and 2 gateways that the pix would use as its default gateway, then on that router, enable the policy routing?

Thanks,

Robert.

g.rodegari · ‎12-23-2004

Hi Robert,

I think yes.

G.