Routing Question...

[daidem77]

I have to subnets in my network

192.168.20.0 255.255.255.0
192.168.21.0 255.255.255.0

The gateway for my 192.168.20.0 is the inside interface of my pix 192.168.20.1

I have created a route on the pix
inside 192.168.21.0 255.255.255.0 192.168.20.2

My problem is I can ping the 192.168.21.0 network from the pix but my users with the gateway as the inside network on the pix (192.168.20.1) can't ping to this network (192.168.23.0). Can someone help me with the required access list and nat 0 commands if required.

 

[KiscoKid]

It's not very clear what your setup is - you may need to provide further info.

For instance, what is the device at 192.168.20.2? What side of the PIX is the network 192.168.23.0?

 

[NetworkGhost]

Not sure from your post but it sounds like you are trying to use the Pix to route traffic? The Pix will not do this. The pix will simply forward traffic from one interface to another. The Pix will not route traffic out the same interface it came.

 

[daidem77]

192.168.20.0 255.255.255.0 (VLAN1)
192.168.21.0 255.255.255.0 (VLAN2)

192.168.20.1 is the gateway to access the internet.

I have a router configured with sub interfaces for both vlans. Should I be making the route there? If so how can I accomplish this with a cisco router? Can I create sub interfaces on the a cisco pix 506E?

 

[NetworkGhost]

You cant create sub interfaces. You should be able to do this with your router if trunking is configured correctly. I would enable IP redirect on the routers 192.168.20.2 interface. Make the users default gateway be the router rather than the Pix.