Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Static routes in Pix

Posted on 2009-07-09
5
Medium Priority
?
229 Views
Last Modified: 2012-05-07
I see the following route in the pix configuration. It seems that a few of them are not required. Would there be any reason to have all of these routes? For example, I see this route
route inside 10.176.0.0 255.240.0.0 192.168.22.3 1
Then I have the following
route inside 10.176.0.0 255.255.254.0 192.168.22.3 1
route inside 10.177.0.0 255.255.252.0 192.168.22.3 1
route inside 10.182.0.0 255.252.0.0 192.168.22.3 1
route inside 10.188.0.0 255.252.0.0 192.168.22.3 1
Wouldn't the first route cover these?
0
Comment
Question by:Jelonet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24813591
Yes

The first route would cover 10.176.0.0 - 10.191.255.255

0
 

Author Comment

by:Jelonet
ID: 24813873
Exactly. I understand that part, thank you. I was wondering if there would be any reason why the other routes would be used. Since they are staic routes, someone put them in there manually and I'm just not understnading why? I didn't want to delete them if they are needed for some odd reason.
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24813903
They wouldn't be used.  The first line would encompass them.  From what I remember, once a packet finds a rule that it applies to it, it uses that rule.

0
 
LVL 6

Accepted Solution

by:
tgtcat69 earned 1000 total points
ID: 24813920
I guess I should clarify...some systems use a fall through method where the last rule that is found is the one that is followed...as opposed to Cisco where the first rule that's found is the one that's used
0
 

Author Closing Comment

by:Jelonet
ID: 31601579
Thank you. I thought maybe I was missing something here. I know it will take the more specific route but they are all going to the same IP so...Oh well, I'm deleting them.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question