Solved

Network Design Question

Posted on 2007-11-16
2
227 Views
Last Modified: 2010-04-17
Right now a pix firewall is the edge device. It connects directly to the ISP's router. I am going to use BGP with an additional edge router to multihome 2 isp's. What is the best configuration as far as routing protocols?

The Pix can use Rip or OSPF. Should I use a protocol or just static routes on the pix? Is it possible to run BGP on the edge router and have the Pix outside int connected to a switch with the router on the switch too? This is because there is another failover pix, so i assume there needs to be a switch in between the router and the pix.

On the inside of the pix there is a L3 switch doing internal routing. It is using EIGRP.

What is the best way to design this?
0
Comment
Question by:jaysonfranklin
2 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 20301472
ISP A/ISP B (BGP) -> your router (BGP)
your router (static routes) -> pix

Make sure that you have a static route to null0 with a weight of 250 for the networks that you will be advertising via BGP.  That way if the ethernet or switch goes down or the pix does not failover, your routes will not be withdrawn.

you are correct that you need a switch to connect the two firewalls and a router for failover to the inside network.
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 20314091
Ok, thanks...
0

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now