Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 515 Options

Status
Not open for further replies.
Bubbalouie

Bubbalouie

Technical User
Mar 25, 2009
107
US
OK, so I'm only used to using PIX 506e's and I just got this shiny, bright 515...

I have two internet connections. I note that there are 2 ethernet ports on the back of the 515.

I'm wondering the following:

Could I hook one of my internet connections to Ethernet0 and have all incoming vpn traffic coming in that interface AND hook my other internet connection to Ethernet1 and have all outgoing vpn traffic exiting there.

Is that even possible? If so, what would that kinda setup be called? Let me know and I'll google it!

Thanks In Advance

 
Sort by date Sort by votes
hmm... I see I left out an important piece of information here so let me elaborate.

The PIX 506e has a total of 2 ethernet ports. 1 is hooked up to an internet connection that handles all traffic coming in and out of the firewall and the other is connected to my LAN. I have no other available ports besides a console on the PIX after that.

My PIX 515 has a total of 6 ethernet ports (kind of an important detail i left out there!):

0: ethernet0: address is 0050.54ff.2341, irq 10
1: ethernet1: address is 0050.54ff.2342, irq 7
2: ethernet2: address is 00e0.b600.da8c, irq 9
3: ethernet3: address is 00e0.b600.da8b, irq 9
4: ethernet4: address is 00e0.b600.da8a, irq 9
5: ethernet5: address is 00e0.b600.da89, irq 9

I wonder if I could hook 1 internet connection to ethernet0 to handle all incoming traffic, hook the other internet connection to ethernet1 and route all outbound traffic thru it and use ethernet2 to connect to my LAN.

I'm thinking that doing this might prevent the heavy loads I sometimes see on the PIX 506e that degrades my VPN performance.

Thanks!
 
Upvote 0 Downvote
If I understand you correctly, you want to use ethernet0 as outside interface and ethernet2 as inside interface. You now want to route vpn traffic via ethernet1 (dmz/vpn). Yes, this can be done. The 515e has more grunt than the 506e so the performance degradation you get should be reduced depending on how much traffic you are pushing through.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
108
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
147
brownmab53
brownmab53
quazimotto
  • Locked
  • Question
Correct Upgrade Path for PIX
Replies
7
Views
208
quazimotto
quazimotto
quazimotto
  • Locked
  • Question
Ping thru PIX to subnet inside??!!
Replies
0
Views
85
quazimotto
quazimotto
anoble1
  • Locked
  • Question
Need help setting up PIX 515 for home use along with DMZ PS4 configuration
Replies
0
Views
116
anoble1
anoble1

Part and Inventory Search

Sponsor

Back
Top