Cisco Pix Route issue

Posted on 2009-02-13
Last Modified: 2012-05-06
Attempting to switch DSL providers.  I am not great with Cisco configs.  The PIX and configuration was previously existing to us taking on this client.  Just want to change the external ip address and route for the new DSL service.  Used "ip address outside" to set the outside address.   Can ping the DSL modem, so that is good.  Tried to change the route statement.  Typed in "route outside 1" where is the ip address of the Gateway.   After setting the route statement and then typing in show routes, another route appeared  "route outside 1 CONNECT static".    Where does this route come from?  Am I missing a route that I need to add?  Though I can ping the modem, I cannot get beyond, i.e. ping the DNS server.

Any ideas?  

Question by:citechsolutions
    LVL 28

    Expert Comment

    "route outside 1 CONNECT static"
    Directly-connected networks always appear in your routing table.  This behavior is by design.

    I suspect that you have to remove the old routing statement.

    Enter "show run | include route".  This will show all of the routing statements.  You will need to remove the old routing statement by negating it with the "no" statement.  (i.e., "no route outside w.x.y.z")
    LVL 28

    Expert Comment

    You may also need to change your "global" statement.  Do a "show run | include global" and make sure that the global statement uses the "interface" keyword, and does not reference your old IP address.

    Author Comment

    Thanks.  So the PIX automatically senses the connected network and adds the route?  Maybe there are other routes that were not showing that prevented us from reaching the internet.  We are onsite again on Monday and I will give this a try.
    LVL 79

    Expert Comment

    >Typed in "route outside 1
    Did you also type in
      no route outside x.x.x.x

    Asavener is correct that you probably now have two default routes - both old one and new one.
    Some commands change the existing entry when you add the same line with different information and some entries require removing the old one with "no" and then entering the new one. So by simply adding a new default route, you now have two of them and this will cause serious issues trying to access the Internet.
    LVL 28

    Accepted Solution

    "So the PIX automatically senses the connected network and adds the route?"
    It senses that the interface is up, and it knows that you have assigned an IP address and subnet to the interface.  So it knows that the subnet containing is directly connected to the outside interface.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
    This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now