Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Routing problem

Status
Not open for further replies.
demoniac

demoniac

Programmer
Jun 14, 2001
63
US
I'm having some routing problems with my PIX. I have two routes setup in the PIX :

inside 10.0.10.0 255.255.255.0 10.0.0.90
inside 10.0.11.0 255.255.255.0 10.0.0.90
inside 10.0.0.0 255.255.248.0 10.0.0.16 (default)

And it works. If I am inside the firewall I can ping 10.0.11.1, 10.0.10.1, and 10.0.0.1 all just fine.

However, I have my machine setup with 10.0.0.16 as the gateway (the PIX), but I can't ping 10.0.10.1. Anybody have any ideas? 10.0.0.90 is a load balancing switch and it's default gateway is 10.0.0.16 as well.

Thanks,
Rich
 
Sort by date Sort by votes
A PIX can't operate as a router on a stick. I.E. It won't redirect. It will only route through the PIX. You will need a router if you want to do otherwise.
 
Upvote 0 Downvote
ahhh, dammit. You know, that would make things about 500 times easier if it could too.

Oh well, thanks for the fast answer. :)
 
Upvote 0 Downvote
From some of the posts that I have seen around here, there is talk about the next version 6.3 being able to handle some routing duties. Just passing on what I have heard. It will be great if it does.
 
Upvote 0 Downvote
HI.

A workaround is to configure the hosts in 10.0.0.0 network that need access to other networks (servers, administrator workstation, or all hosts) with either of the following:
Option A: a default gateway of 10.0.0.90
This is a simple solution, but generates some additional load on the 10.0.0.90 device.
Option B: configure static route on those hosts, for example:
route add 10.0.10.0 mask 255.255.255.0 10.0.0.90
route add 10.0.11.0 mask 255.255.255.0 10.0.0.90
One way to implement this is login script.
Other way is saving the routes to registry using the "-p" switch.
The disadvantage here is that static routes are static.

> inside 10.0.0.0 255.255.248.0 10.0.0.16 (default)
The pix does not need a route command pointing to its directly connected network.
If 10.0.0.16 is the pix itself then no need for that line in the pix configuration.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
I was having the same exact problem and went with static routes. I made them persistent routes and I added in them into my desktop image so when I deploy a new computer they have the routes.

I was working with Cisco on this and asked them about this and if it would be fixed in 6.3 and he said no and to tell my local rep to tell cisco that this issue should be fixed in the next release.

Patrick
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Modem80
  • Locked
  • Question
Novice SonicOS user, need routing help
Replies
2
Views
101
Modem80
Modem80
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
78
ITSUPPORTIT
ITSUPPORTIT
wrighbr1
  • Locked
  • Question
Cisco ASA 5505 site to site VPN problem
Replies
0
Views
61
wrighbr1
wrighbr1
mattbarkerlfc
  • Locked
  • Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
76
mattbarkerlfc
mattbarkerlfc
sebd44
  • Locked
  • Question
sonicwall statistics problem
Replies
0
Views
57
sebd44
sebd44

Part and Inventory Search

Sponsor

Back
Top