Solved

Pix 501 inside static route

Posted on 2007-11-13
14
358 Views
Last Modified: 2010-04-09
I am running a Pix 501 (Ver 3.0.4) with Ip 192.168.0.254. I have recently added a new VLAN to the network through a fiberline and another switch (IP 192.168.0.250). Does anyone know the CLI command for the PIX to route all traffic to the address 10.90.14.4  through a seperate switch with the ip 192.168.0.250?
0
Comment
Question by:ksbrett
  • 5
  • 5
  • 4
14 Comments
 
LVL 12

Expert Comment

by:bhnmi
ID: 20275853
from the global config

#ip router x.x.x.x (destination network) x.x.x.x (netmask) x.x.x.x (forwarding router)
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20275854
ip route I mean
0
 
LVL 28

Expert Comment

by:batry_boy
ID: 20275977
On a PIX, the command should be:

route inside 10.90.14.4 255.255.255.255 192.168.0.250

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 28

Expert Comment

by:batry_boy
ID: 20275984
And your prompt will look something similar to this when you enter the command:

pix(config)#

0
 

Author Comment

by:ksbrett
ID: 20276083
I added the command:
route inside 10.90.14.4 255.255.255.255 192.168.1.250 1
Now I can ping 10.90.14.4 right from the pix. Workstations on the 192.168.1.x inside network (behind the pix) cannot ping the other ip 10.90.14.4. I need to have 10.90.14.4 accessible from all workstations that are behind the pix.
0
 

Author Comment

by:ksbrett
ID: 20276140
Sorry 192.168.1.x above should be 192.168.0.x
0
 
LVL 28

Expert Comment

by:batry_boy
ID: 20276142
The PIX is not a router...adding that route statement to the PIX itself allows the PIX itself to see that IP address...it will not route other source IP addresses over to that router to get to the 10.90.14.4 address.  You need a router to do this (again, the PIX is not a router)...

Unless you have another router that you can point your 192.168.1.x clients to, you will have to put in static routes on your clients similar to what you just added to the PIX...sorry, that's been an issue for years in the PIX...
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20276196
You said you have a switch with a VLAN, the switch should support enterprise routing (if its a good one)
0
 

Author Comment

by:ksbrett
ID: 20276253
Thanks barty_boy.
Looks like I will have to purchase a Cisco router. Do you know of any way to assign a static route on an XP box to accomodate this as a temp fix until I can acquire a router.
0
 

Author Comment

by:ksbrett
ID: 20276296
bhnmi,

Thanks for the input. The VLan switch is owned and configured by  a ski resort and connects various different resorts to a central reservation system. Each resort is responsible for their own network security and internet access. The V-Lan switch does not have internet access directly connected so If I use it for routing, I don't see any way to have internet on out inside network.
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20276314
Use the route add command in XP frmthe command line
0
 
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
ID: 20276350
bhnmi is correct...here is the syntax:

route add 10.90.14.4 mask 255.255.255.255 192.168.0.250
0
 

Author Comment

by:ksbrett
ID: 20276613
Thanks for everything, I'm up and running.
0
 
LVL 28

Expert Comment

by:batry_boy
ID: 20276643
Cool...
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can Cisco resolve internet address internally 4 44
Unifi AP 4 73
access vs trunk with voice vlan 2 44
Load Balancing 3 28
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question