Connecting two Cisco PIX 515 as per following Picture

Discussion in 'Cisco' started by djjase, Mar 1, 2006.

  1. djjase

    djjase Guest

    djjase, Mar 1, 2006
    #1

  2. Yes it is

    Do you need inside-to-inside access, or do you need access to other segments
    as well?
    The best way is to create a LAN-to-LAN tunnel between the two PIX firewalls.

    HTH
    Martin Bilgrav
     
    Martin Bilgrav, Mar 1, 2006
    #2

  3. djjase

    mcaissie Guest

    You can also do

    -- left firewall

    static (inside,DMZ2) 192.168.0.0 192.168.0.0 netmask 255.255.255.0 0 0
    route DMZ2 192.168.1.0 255.255.255.0 192.168.2.5

    -- right firewall

    static (inside,DMZ1) 192.168.1.0 192.168.1.0 netmask 255.255.255.0 0 0
    route DMZ1 192.168.0.0 255.255.255.0 192.168.2.1

    then proper access-list filtering
     
    mcaissie, Mar 1, 2006
    #3
  4. djjase

    djjase Guest

    Hi, thank you for the information. There will be a need to be able to
    access different segments with certain ports.
    For example:

    (1) Need to be able to SSH from the Internet to 192.168.4.6 on DMZ 4, and
    Inside (192.168.1.0) of FW2 (right hand)
    (2) Most of the data that needs to go between the two is all Internet
    based, i.e. a PC inside FW1 connects to a web server in DMZ3 on FW2 and
    the Admin Server inside FW2
    (3) The servers in DMZ3 and Inside of FW2 talk to each other via
    certain ports
     
    djjase, Mar 2, 2006
    #4