cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4570
Views
0
Helpful
15
Replies

HELP! Weird Problem With PIX 501

sarfarazkazi
Level 1
Level 1

Hi,

Attached is the network diagram and Pix Configuration. We have data circuits for all our branches just installed. The problem is that the Pix just stops to ping the branch Office routers.

1. From the Pix can ping 192.168.1.2 & 1.3

2. From 192.168.1.2 & 1.3 can ping all the networks.

3. From the Pix cannot reach the branch routers.

Appreciate all your support.

Regards

Sarfaraz

1 Accepted Solution

Accepted Solutions

the idea as follow

u have the static route configured corectly on ur PIX

on the ISP router u need static route point to each barnch offic network thorugh the isp ip u have

and u need a static route like

try the following line to the ISP router and try then try to pin

ip route 192.168.1.0 255.255.255.0 192.168.1.254

for returne traffic or traffic comeing from branch to ISP going to PIX

in ur ISP i have seen u done like

try the following line to the ISP router and try then try to pin

ip route 192.168.0.0 255.255.0.0 10.x.x.x

this include 192.168.1.0/25 so the traffic when wanna go to the PIX network will go back to the ISP and this is the problem u have

try to fix it based on the above directions

good luck

View solution in original post

15 Replies 15

Marwan ALshawi
VIP Alumni
VIP Alumni

do the branch routers have route to the pix configured correctly ?

Dear marwan,

Attached is the configuration of the branch router.

Sarfaraz

i can see the problem is routing issue

one more question the ISP routers belong to u ? i mean u have its config ?

can u tell me the IP address of directly conected interfaces of ISP1 and the brach router u sent me to give u the right config

Dear Marwan,

Attached is the configuration of the HO router(isp1.txt) and the branch router (apbbr.txt)

Sarfaraz

ok

in ur diagram there is somthing missing

what are these IPs

10.250.3.1

10.250.17.2

can u tell me what connectivity between the ISP rote and the brantch routers and do u have the connection direcrctly from pix to ISP?

and on ur pix i see u have the interface with ip 192.168.1.254

and u have other interface on the pis has ip in the same subnet !!!!

sorry but i want to be aware about the network

The IPs are of the ISPs. My LAN range is (192.168.1.0/254) I am not well versed with Pix. This is how it is.. I am using these IPs from the range to route the branch subnets. It was working and then it stopped.

Pix IP- 192.168.1.254

ISP-1 router IP: 192.168.1.2

ISP-2 router IP: 192.168.1.3

I have attached the configuration of pix as well.

please

what these IPs represent

10.250.17.1

10.250.3.1

these IPs belong to the ISP backbone. They are /30 subnets for routing in their internal network. I have nothing to do their network.

please

what these IPs represent

10.250.17.1

10.250.3.1

I have already mentioned that the router belongs to ISP they are the ones who are routing it.

try to add the following line on ISP route

ip route 192.168.1.0 255.255.255.0 192.168.1.254

and let me know

No it doesnt work. From pix (1.254) i can ping (1.2). From (1.2) I can ping 2.1,3.1,4.1. But from the Pix I cannot ping 2.1,3.1 & 4.1

the idea as follow

u have the static route configured corectly on ur PIX

on the ISP router u need static route point to each barnch offic network thorugh the isp ip u have

and u need a static route like

try the following line to the ISP router and try then try to pin

ip route 192.168.1.0 255.255.255.0 192.168.1.254

for returne traffic or traffic comeing from branch to ISP going to PIX

in ur ISP i have seen u done like

try the following line to the ISP router and try then try to pin

ip route 192.168.0.0 255.255.0.0 10.x.x.x

this include 192.168.1.0/25 so the traffic when wanna go to the PIX network will go back to the ISP and this is the problem u have

try to fix it based on the above directions

good luck

yeah got it working now...thank u so much for your time and efforts..

Sarfaraz