Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

PIX 8.0 Route through Different interface

Posted on 2017-10-12
4
High Priority
?
30 Views
Last Modified: 2017-10-19
Hello Experts,

I would like to change my current (route outside 0.0.0.0 0.0.0.0 64.64.64.230 1) outgoing internet traffic through different interface  (route dsl1 0.0.0.0 0.0.0.0 192.168.254.254 2)


route outside 0.0.0.0 0.0.0.0 64.64.64.230 1
route dsl1 0.0.0.0 0.0.0.0 192.168.254.254 2
route dsl2 0.0.0.0 0.0.0.0 172.16.17.254 3

i Tried unplugging the outside interface hoping internet traffic would go out the other interfaces but it did not. so maybe  i am  overlooking something. I thought that since they have 1, 2, 3, after each route it is supposed to go out other interfaces if it fails on the first one.
Please note i can only use  SSH to make changes no ASDM
Please provide exact step by step solution. my PiX knowledge is very limited
Running Config Attached
Thank you
Running-Config-temp.txt
0
Comment
Question by:icdl101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 80

Accepted Solution

by:
arnold earned 2100 total points
ID: 42329414
Weight means the higher the number, the lower the preference. Note the used term is weight.
You should use interface versus IP when your DSL feed can drop as that will auto transition by removing the route from consider while the ip based roure will need to have tests to dynamically test a path and then update

route outside 0.0.0.0 0.0.0.0 outside_interface 1
route dsl1 0.0.0.0 0.0.0.0 dsl1_interface 2
route dsl2 0.0.0.0 0.0.0.0 dsl2_interface 3

This way when DSL1 drops, the second route will become invalid and will be removed.

There are other issues when using interfaces in routing rules.
If you use IPs, you have to use SLA type tests such as pinging a destination by way of a specific interface and on failure, you apply a rule to ...reduce its preference.....
0
 
LVL 80

Expert Comment

by:arnold
Look at the reference that applies to version iOS 9.x rather but they may have a similar for version 8.3 or potentially you could update yours to get ...

But the discussion covers what you are asking about which deals with converging access to the outside when there is an issue with a preferred path.

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-00.html
0
 
LVL 6

Assisted Solution

by:Wissam
Wissam earned 900 total points
Have you tried to link ip slas on routes?

route outside 0.0.0.0 0.0.0.0 2.2.2.2 track 1
route Dsl2 0.0.0.0 0.0.0.0 3.3.3.3 20
sla monitor 10
type echo protocol ipIcmpEcho 8.8.8.8 interface outside
num-packets 3
frequency 10
sla monitor schedule 123 life forever start-time now
track 1 rtr 123 reachability


You can do NAT in same way,  name the interfaces depending on what you use
0
 

Author Comment

by:icdl101
Thank you Guys,
The solutions has been  very helpful. Really appreciate your time and effort.
0

Featured Post

Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

Join & Write a Comment

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question