PIX 515e handle multi link like 2 isp

[JackyZhang]

Our PIX has 6 interface, current
Interface 0 -- outside
Interface 1 -- inside
Interface 2 -- not use
Interface 3 -- failover
Interface 4 -- no use
Interface 5 -- not use

Interface 0 is connected to our isp
interface 1 is connected to our corp network

We have VPN site to Site network go through internet

and we want to connect one big private network ( not belong to us) through interface 2, there will be sperate Link to vedor, and and will have VPN site to site go through this interface 2, so in this case, all internet traffic will go through interface 0, and some VPN site to site through internet, also connect to verdor's private network through interface 2, and also has VPN site to site in this private network, our corp network will still connect through interface 1

I would like to know if this doable, and PIX is good to handle this?

Thanks,


Jacky Zhang
CNE,MCSE

 

[HungryHouse]

I think you can do it by either:
1)Creating sub-interfaces off of LAN0 and vlan tag out to the border router/next hop (be sure if next hop is ISP that they can and will work with you on their end to take in the .1q tag)
2)Make your life easy and use on your many interfaces and create a real second public.

I hope this helps.
-HH