06-03-2005 05:07 PM - edited 02-21-2020 01:48 PM
I need a config that will allow ISP1 on intfc1 for just VPN and all other Internet to ISP2 on inftc2. How do I get around the one default route the pix imposes? I have a separate router for each ISP.
Thanks - Phil
06-04-2005 08:57 AM
Put the default route to ISP2 and static route to the vpn-endpoint through ISP1.
06-05-2005 05:33 AM
Aleksey,
route (ISP2-Intfc) 0.0.0.0 0.0.0.0 ISP2-NextHop
route (ISP1-Intfc) 10.1.1.0 255.255.255.0 ISP1-NextHop
route (ISP1-Intfc) 10.1.2.0 255.255.255.0 ISP1-NextHop
etc. where 10.1.1.0 and 10.1.2.0 are the remote VPN networks? And I thought this was going to be complicated!!
Phil
06-05-2005 08:20 AM
add also
route (ISP1-Intfc) ipsec_peer_ip_address1 255.255.255.255 ISP1-NextHop
route (ISP1-Intfc) ipsec_peer_ip_address2 255.255.255.255 ISP1-NextHop
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide