Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX / Routing question 1

Status
Not open for further replies.
br0ck

br0ck

MIS
Joined
Apr 25, 2002
Messages
467
Location
US
below is the network i'm working with
the pix it the GW for the 10.0.0.0 network
i have a pix ver 6.3.3
now i have added:
route inside 10.0.1.0 255.255.255.0 10.0.0.254 2
and the pix pings hosts on the other network fine
why will the pix not foward the 10.0.1.0 traffic to that network
i have to add the route into the servers for the remote users to get access
Please Advise

===========================================================
Internet
|
|
DSL Bridge
| Internet
| |
PIX Servers DSL ROUTER
|---------|-------| 10.0.0.0 10.0.1.0 |-----------------|
FRAME Router FRAME Router
10.0.0.254 |---------------768k--------------| 10.0.1.254
 
Sort by date Sort by votes
HI.

This is a common problem.
The pix does not send traffic back to the interface it came from and does not send ICMP redirect messages.

I also use the same solution as you had, by specifing static route on the hosts.

For Windows servers, use the command:

route -p add 10.0.1.0 mask 255.255.255.0 10.0.0.254

For workstations, you can use a logon script with the same command but without the "-p" switch. However workstations normaly do not need access to the remote sites (only the administrator own workstations needs it) so this logon script is optional.

There are other optional solutions but this one seems to me like the best one, as you already have done.



Yizhar Hurwitz
 
Upvote 0 Downvote
thanks for the responce
i may put a router in the mix to fix this

BTW
i am intersted in you pix traffic monitor application
can you give me any information on it

support@inecta.com


Thanks
b-
 
Upvote 0 Downvote
HI.

> i may put a router in the mix to fix this
Yes, this can solve the problem, but at the cost of additional point of failure.

> i am intersted in you pix traffic monitor application
I'll send you an email.

Bye



Yizhar Hurwitz
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question Question
Cisco ASA - VPN Question
Replies
6
Views
1K
intel233
intel233
xwray
  • Locked
  • Question Question
PIX 501 DHCP Server function
Replies
0
Views
261
xwray
xwray
Modem80
  • Locked
  • Question Question
Novice SonicOS user, need routing help
Replies
2
Views
335
Modem80
Modem80
brownmab53
  • Locked
  • Question Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
316
brownmab53
brownmab53
NoCoolHandle
  • Locked
  • Question Question
TLS 1.0 vrs TLS 1.1 vrs 1.2 connection strategy question
Replies
1
Views
295
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top