Cisco PIX 501 - Assign two address pools

Posted on 2005-04-16
Last Modified: 2010-04-17
this is the 2nd time I have asked this question.
I deleted out the old one as it was a month old.
So here we go again.
Hello All;

  Need information on the following:

  I have 2- Cable Modems.
  12 Static IP Address's.

This is how the network looks right now

Modem     Modem
    |              |
        Switch   <-- CNet CNSH-1600
           PIX     <-- 501
         Switch   <-- D-Link DSS-24 10/100 Switch
        |  |  |  |
       Network   <-- 6 Server - 2 Computers

IP Address's:, 76, 78 ,79, 80, 81, 82, 83, 84, 85, 86, 87

What I would like to do is to do 2-Address Pools.
.75 - .81 ---> Cable Madem #1
.82 - .87 ---> Cable Modem #2

The user on here [Wingatesl] Provided me with the Diagram above.
But did not ever come back into the post to give me any more information.
On what I would need to do with the 2-address pools.

So please, any information that you all may have to give, is very greatful.
I am going to do some more reading on the Address Pools.
And see what I can come up with as well.
And will post all my findings in here.

Take Care
Question by:Wayne Barron
    LVL 79

    Expert Comment

    There is one fundamental issue with this whole scenario.
    The PIX can have one and only one default gateway. It can use only one or the other cable modem for outgoing traffic based on that fact.

    LVL 30

    Author Comment

    by:Wayne Barron
    OK, so there is no way to assign "2 Address Pools" to the PIX.

    Could you please let me know which "Cisco Router" That will alow this type
    Of connects?
    LVL 79

    Accepted Solution

    I didn't say you couldn't assign 2 address pools to the PIX. You certainly can

    global (outside) 1 x.x.x.75-x.x.x.81
    global (outside) 2 x.x.x.82-x.x.x.87
    nat (inside) 1 <subnet> <mask>
    nat (inside) 2 <subnet> <mask>

    Or use access-lists to define which internal hosts use which external pool

    Using multiple default gateways is an advanced routing function not available on the PIX 501 or 506, but has been added to the new 515 and up with version 7.0(1)

    Almost any IOS router will allow you to use route-maps to accomplish what you want. But a router with dual 10/100 interfaces, like a 2811, will run you almost as much as a PIX 515e.
    However, since you have not said what your goal was, that is a blanket statement. If you want any kind of automatic failover, That's not the answer.
    LVL 30

    Author Comment

    by:Wayne Barron
    Hello lrmoore;

      Thanks for the information.

    What the goal is:

    To have 2 Cable Modems.
    1st Modem -
    Handles web sites from IP Range: .75 - .80 & Mail Server on .81

    2nd Modem -
    Handles Mail Server on .82 & other Sites fromIP Range .83 - .87

    This is what the plan is.
    So that it will not have traffic assigned to each of the modems instead of 1 modem
    Taking on all the Traffic and bogging down the Bandwidth.
    LVL 79

    Expert Comment

    To be quite honest, your best bet may be to simply use two PIX 501's, each with their own host IP's and their own default gateway. You can still have both PIX's on the same internal network and just change the default gatewy on the hosts as appropriate.
    LVL 30

    Author Comment

    by:Wayne Barron
    Thanks for the inoformation.
    I am going to return the extra modem, as it is not going to be beneficial
    To my company to have it in here, and to also have to buy another piece of
    Hardware, is not worth the hassle.

    Take Care and thanks for the information.


    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Suggested Solutions

    In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
    Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now