• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 367
  • Last Modified:

Pix 501 inside static route

I am running a Pix 501 (Ver 3.0.4) with Ip 192.168.0.254. I have recently added a new VLAN to the network through a fiberline and another switch (IP 192.168.0.250). Does anyone know the CLI command for the PIX to route all traffic to the address 10.90.14.4  through a seperate switch with the ip 192.168.0.250?
0
ksbrett
Asked:
ksbrett
  • 5
  • 5
  • 4
1 Solution
 
bhnmiCommented:
from the global config

#ip router x.x.x.x (destination network) x.x.x.x (netmask) x.x.x.x (forwarding router)
0
 
bhnmiCommented:
ip route I mean
0
 
batry_boyCommented:
On a PIX, the command should be:

route inside 10.90.14.4 255.255.255.255 192.168.0.250

0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

 
batry_boyCommented:
And your prompt will look something similar to this when you enter the command:

pix(config)#

0
 
ksbrettAuthor Commented:
I added the command:
route inside 10.90.14.4 255.255.255.255 192.168.1.250 1
Now I can ping 10.90.14.4 right from the pix. Workstations on the 192.168.1.x inside network (behind the pix) cannot ping the other ip 10.90.14.4. I need to have 10.90.14.4 accessible from all workstations that are behind the pix.
0
 
ksbrettAuthor Commented:
Sorry 192.168.1.x above should be 192.168.0.x
0
 
batry_boyCommented:
The PIX is not a router...adding that route statement to the PIX itself allows the PIX itself to see that IP address...it will not route other source IP addresses over to that router to get to the 10.90.14.4 address.  You need a router to do this (again, the PIX is not a router)...

Unless you have another router that you can point your 192.168.1.x clients to, you will have to put in static routes on your clients similar to what you just added to the PIX...sorry, that's been an issue for years in the PIX...
0
 
bhnmiCommented:
You said you have a switch with a VLAN, the switch should support enterprise routing (if its a good one)
0
 
ksbrettAuthor Commented:
Thanks barty_boy.
Looks like I will have to purchase a Cisco router. Do you know of any way to assign a static route on an XP box to accomodate this as a temp fix until I can acquire a router.
0
 
ksbrettAuthor Commented:
bhnmi,

Thanks for the input. The VLan switch is owned and configured by  a ski resort and connects various different resorts to a central reservation system. Each resort is responsible for their own network security and internet access. The V-Lan switch does not have internet access directly connected so If I use it for routing, I don't see any way to have internet on out inside network.
0
 
bhnmiCommented:
Use the route add command in XP frmthe command line
0
 
batry_boyCommented:
bhnmi is correct...here is the syntax:

route add 10.90.14.4 mask 255.255.255.255 192.168.0.250
0
 
ksbrettAuthor Commented:
Thanks for everything, I'm up and running.
0
 
batry_boyCommented:
Cool...
0

Featured Post

Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

  • 5
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now