Two routers in the outside interface of a PIX 515

[kavsko]

Hello everyone,

I'm having a problem configuring a two routers cenario.
I need to accomplish this:

- Two routers on the outside interface
- One router to serve my internal email and web servers
- The other router to serve my lan with internet services

I have one pix 515 with 3 zones, Inside, DMZ, Outside.
Can I configure this with my PIX 515. (Something like two gateways)???

 

[Zakkas]

I think what you'll need to do is configure one of your routers to act as the core router for your internal LAN. Then say you used 192.168.100.x address scheme and assigned 192.168.100.1 or something to the routers Ethernet interface. The PIX can still be DMZ firewall with an inside address of 192.168.100.x. You just have to configure the a default route to your internal LAN pointing to 192.168.100.1.

The command would be "route inside 192.168.100.0 255.255.255.0 192.168.100.1" telling the PIX that to get to that network go to the router and the router will handle the routing leaving the PIX to handle the firewall stuff and the NAT'ing.