Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Connecting two Cisco PIX 515 as per following Picture

Reply
Thread Tools

Connecting two Cisco PIX 515 as per following Picture

 
 
djjase
Guest
Posts: n/a
 
      03-01-2006
Hi,

I would like to be able to setup a network as per this picture.

(1) Is it possible ?
(2) How do I setup config for pc's in inside of FW1 to inside of FW2
etc ?

http://i38.photobucket.com/albums/e1...e/firewall.jpg

 
Reply With Quote
 
 
 
 
Martin Bilgrav
Guest
Posts: n/a
 
      03-01-2006

"djjase" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi,
>
> I would like to be able to setup a network as per this picture.
>
> (1) Is it possible ?

yes it is


> (2) How do I setup config for pc's in inside of FW1 to inside of FW2
> etc ?


do you need inside to inside access or do you need access to other segments
aswell ?
The best way is to create LAN-to-LAN tunnel between the two PIX firewalls

HTH
Martin Bilgrav

>
> http://i38.photobucket.com/albums/e1...e/firewall.jpg
>



 
Reply With Quote
 
 
 
 
mcaissie
Guest
Posts: n/a
 
      03-01-2006
You can also do

--left firewall

static (inside,DMZ2) 192.168.0.0 192.168.0.0 255.255.255.0 0.0
route DMZ2 192.168.1.0 255.255.255.0 192.168.2.5

-- right firewall

static (inside,DMZ1) 192.168.1.0 192.168.1.0 255.255.255.0 0.0
route DMZ1 192.168.0.0 255.255.255.0 192.168.2.1

then proper access-list filtering



"Martin Bilgrav" <(E-Mail Removed)> wrote in message
news:ewcNf.12$(E-Mail Removed)2net.dk...
>
> "djjase" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...
>> Hi,
>>
>> I would like to be able to setup a network as per this picture.
>>
>> (1) Is it possible ?

> yes it is
>
>
>> (2) How do I setup config for pc's in inside of FW1 to inside of FW2
>> etc ?

>
> do you need inside to inside access or do you need access to other
> segments
> aswell ?
> The best way is to create LAN-to-LAN tunnel between the two PIX firewalls
>
> HTH
> Martin Bilgrav
>
>>
>> http://i38.photobucket.com/albums/e1...e/firewall.jpg
>>

>
>



 
Reply With Quote
 
djjase
Guest
Posts: n/a
 
      03-02-2006
Hi, Thank you for the information. There will be a need to be able to
access different segments with certain ports.
For Example.

(1) Need to be able to SSH from Internet to 192.168.4.6 on DMZ 4, and
Inside (192.168.1.0) of FW2(Right Hand)
(2) Most of the data that needs to go between the two is all internet
based. ie a pc inside FW1 connects to web server in DMZ3 on FW2 and
Admin Server inside FW2
(3) The servers in DMZ3 and Inside of FW 2 talk to each other via
certain ports

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to configure two routers with two ISPs and PIX 515 with failover with BGP? ashaffer@tranztec.com Cisco 5 07-28-2008 07:06 AM
PIX 515 - can Use VPN300 Client and PIX-to-PIX VPN at the same time? Stephen M Cisco 1 11-14-2006 02:03 PM
PIX 515 to PIX 515 via Internet & IPSec, should I get a VAC? Scott Townsend Cisco 8 02-22-2006 09:59 PM
Two ISPs, One 3640 Router, and PIX 515 with one outside interface TechGuy Cisco 2 08-03-2004 09:59 AM
traffic accounting per IP on a 515 PIX possible? alex Cisco 16 11-03-2003 04:32 PM



Advertisments