heathcote123
asked on
Pix 501 multiple external IP addresses
Hi
I need to replace a GTA gnatbox with a cisco pix 501, which would usually be straight forward enough, but theres a small catch.
The gnatbox supports aliasing multiple IP addresses to the exterrnal interface, which we currently use to provide for fault tolerance for email etc. After the external interface there is 2 adsl routers from 2 different ISP's, so the external interface has (for example) 100.100.100.101/248 as its primary IP, and 200.200.200.202/248 as its alias. Both 100.100.100.101 & 200.200.200.202 are port forwarded through to a mail & web server on the Lan.
How do you do this with the pix? I can only seem to specify 1 outside IP address at a time?
Cheers
Richard
I need to replace a GTA gnatbox with a cisco pix 501, which would usually be straight forward enough, but theres a small catch.
The gnatbox supports aliasing multiple IP addresses to the exterrnal interface, which we currently use to provide for fault tolerance for email etc. After the external interface there is 2 adsl routers from 2 different ISP's, so the external interface has (for example) 100.100.100.101/248 as its primary IP, and 200.200.200.202/248 as its alias. Both 100.100.100.101 & 200.200.200.202 are port forwarded through to a mail & web server on the Lan.
How do you do this with the pix? I can only seem to specify 1 outside IP address at a time?
Cheers
Richard
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
A follow up question if I may!
It's been suggested to me that the alias command can be used on the outside interface on the 501, though I couldnt find any documention to support using the alias command in that way.
Alternatively, if I went up to a 506, would that support multiple IP's on the outside interface?
It's been suggested to me that the alias command can be used on the outside interface on the 501, though I couldnt find any documention to support using the alias command in that way.
Alternatively, if I went up to a 506, would that support multiple IP's on the outside interface?
No PIX supports multiple IP's on one interface. You can put any number of secondary IP's on any Cisco router interface, but alas, the PIX ain't a router.
Alias command has been deprecated and replaced by outside nat. It is used by internal users trying to connect to an internal server using the public IP address. Mainly. I don't see any use for it in your situation.
Alias command has been deprecated and replaced by outside nat. It is used by internal users trying to connect to an internal server using the public IP address. Mainly. I don't see any use for it in your situation.
ASKER