HELP WITH INTERNAL ROUTING ON PIX!!!

[evildik]

Scenario is as follows


192.168.10.0
|
Router Internet
| |
VPN Router
| |
Netscreen PIX 515
| |
\ /
LAN
|
WORKSTATIONS


Netscreen 192.168.0.2
PIX 192.168.0.1

Everyone on the lan interface uses the PIX as the default router. For some reason when i add
route inside 192.168.10.0 255.255.0.0 192.168.0.2 1 to the pix the clients cannot get to the 192.168.10.0 subnet using the PIX to route internally to the netscreen.

But setting a internal route on the PIX should allow users to route to the netscreen firewall shouldn't it?

From the pix i can ping the netscreen.
From the workstations i can ping the pix and the netscreen
From the workstations by adding a static route locally on the workstation i can ping the remote network..


HELP SOMEONE?

 

[yogeshji]

Hi,

As I see, you are using subnet mask for remote network as 255.255.0.0.

Which means that you local network 192.168.0.0 and remote network 192.168.10.0. is in same subnet.

I think that good to be one of the reasons

 

[evildik]

I apologize the remote subnet is not 192.168.10.0 lets use 172.16.10.0 255.255.0.0

 

[ChrisAC]

The Pix will not route 'on a stick'. Traffic entering one interface must be forwared through a different interface and not back through the same one.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************