Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Two ISPs, One 3640 Router, and PIX 515 with one outside interface

Reply
Thread Tools

Two ISPs, One 3640 Router, and PIX 515 with one outside interface

 
 
TechGuy
Guest
Posts: n/a
 
      08-02-2004
Where do I begin explaining the problem and what we are trying to do.

We have a internet T1 coming into a Cisco 3640 which then heads over
to our PIX before hitting out LAN.

The outside interface on the PIX uses one of our external IP's given
by our ISP.

Now we have a second internet connection terminating in our 3640, with
a different ISP and different set of external IPs obviously. Our
problem is with getting traffic to and from the PIX due to the single
outside interface on the PIX having an external IP of our original
ISP.

We have tried doing nat on the PIX and the router but it is becoming
to problematic and difficult.

One idea was to put another interface in on the PIX and make it an
outside interface as well having it connected to the 3640.

We are not looking to send our default route (internet traffic) out of
the new interface. Instead we just want to use it for static
mappings. Just not sure if you can even have multiple outside
interfaces on the PIX.

Any ideas and thoughts on this would be appreciated.
 
Reply With Quote
 
 
 
 
Joseph Finley
Guest
Posts: n/a
 
      08-02-2004

"TechGuy" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Where do I begin explaining the problem and what we are trying to do.
>
> We have a internet T1 coming into a Cisco 3640 which then heads over
> to our PIX before hitting out LAN.
>
> The outside interface on the PIX uses one of our external IP's given
> by our ISP.
>
> Now we have a second internet connection terminating in our 3640, with
> a different ISP and different set of external IPs obviously. Our
> problem is with getting traffic to and from the PIX due to the single
> outside interface on the PIX having an external IP of our original
> ISP.
>
> We have tried doing nat on the PIX and the router but it is becoming
> to problematic and difficult.
>
> One idea was to put another interface in on the PIX and make it an
> outside interface as well having it connected to the 3640.
>
> We are not looking to send our default route (internet traffic) out of
> the new interface. Instead we just want to use it for static
> mappings. Just not sure if you can even have multiple outside
> interfaces on the PIX.
>
> Any ideas and thoughts on this would be appreciated.



Run BGP w/ both ISP's and save yourself the anguish of coming up with
complex configs which will be less than reliable.


 
Reply With Quote
 
 
 
 
PES
Guest
Posts: n/a
 
      08-03-2004

"TechGuy" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Where do I begin explaining the problem and what we are trying to do.
>
> We have a internet T1 coming into a Cisco 3640 which then heads over
> to our PIX before hitting out LAN.
>
> The outside interface on the PIX uses one of our external IP's given
> by our ISP.
>
> Now we have a second internet connection terminating in our 3640, with
> a different ISP and different set of external IPs obviously. Our
> problem is with getting traffic to and from the PIX due to the single
> outside interface on the PIX having an external IP of our original
> ISP.
>
> We have tried doing nat on the PIX and the router but it is becoming
> to problematic and difficult.
>
> One idea was to put another interface in on the PIX and make it an
> outside interface as well having it connected to the 3640.
>
> We are not looking to send our default route (internet traffic) out of
> the new interface. Instead we just want to use it for static
> mappings. Just not sure if you can even have multiple outside
> interfaces on the PIX.
>
> Any ideas and thoughts on this would be appreciated.


I would do nat in the Pix. Make sure that the router has a route to the
external interface of the Pix for all ip addresses that are not included in
the subnet of its ethernet interface. Set the default route to the default
ISP. Create the static mappings as desired. Use policy routing on the 3640
to send the packets sourced from the ip's that are statically nat'd to the
proper isp. I would go ahead and create the policy to send anything sourced
from the entire address pool assigned by the isp for the static nats to use
the policy.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to configure two routers with two ISPs and PIX 515 with failover with BGP? ashaffer@tranztec.com Cisco 5 07-28-2008 07:06 AM
help with pix inside->outside + dmz->outside + inside->outside->dmz Jack Cisco 0 09-19-2007 01:57 AM
PIX 515 - can Use VPN300 Client and PIX-to-PIX VPN at the same time? Stephen M Cisco 1 11-14-2006 02:03 PM
PIX 515 to PIX 515 via Internet & IPSec, should I get a VAC? Scott Townsend Cisco 8 02-22-2006 09:59 PM
PIX 515 - Slow performance to DMZ and outside Interface Skipdog Cisco 1 02-09-2004 11:51 PM



Advertisments