[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cisco Firewall PIX and Default Gateway help

Posted on 2005-05-10
6
Medium Priority
?
283 Views
Last Modified: 2013-11-16
We currently have one PIX, but I am now looking to implement two in failover.

Currrently the LAN is connected to a default gateway router, and then the router to our firewall.

I have Cisco experience, but Im a bit confused about a few things.

1) we do not have a DMZ currently but I will be putting this in later on. All the routers that our default router routes to, will be put on this DMZ. Would we still need the gateway router then, or would the routes be done on the firewall.

2) How would I connect up the default gateway in a 2 firewall setup?

Thanks
0
Comment
Question by:ganan99
  • 3
4 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 13967135
2 PIX failover pair:

    Router1
        |
    [switch]
      |     |
   PIX1  PIX2
      |     |
     [switch]

As far as the router is concerned, there is only one pix. They are Active/Standby. You just need all three interfaces connected via switch.
0
 
LVL 1

Author Comment

by:ganan99
ID: 13967144
Sorry didnt mention that we will have 2 routers from ISP for redundancy.

where would the default gateway go?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 13967247
Well.... now you have an issue. PIX can have only one default gateway as static route.
Solution: Enable OSPF

    R1   R2
    |       |
    [switch]
      |     |
   PIX1  PIX2
      |     |
     [switch]

Enable OSPF on R1, R2 and PIX
R1
  ip route 0.0.0.0 0.0.0.0 <ip address>
  router ospf 10
    network <Lan subnet of R1/R2/PIX> 0.0.0.255 area 0
    default-information originate

R2
  ip route 0.0.0.0 0.0.0.0 <iop address>
   router ospf 10
     network <Lan subnet of R1/R2/PIX> 0.0.0.255 area 0
     default-information originate

PIX
 router ospf 10
    area 0
    network <lan subnet> 255.255.255.0
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 14354252
Are you still working on this?
Have you found a solution?
Do you need more information?

This question will be classified as abandoned soon if we don't get some feedback from you.

Can you close out this question? See here for details:
http://www.experts-exchange.com/help.jsp#hs5

Thanks for your attention!
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
Considering cloud tradeoffs and determining the right mix for your organization.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question