Two PIX on one network 1

[RonGA]

Hi

We wanted to reduce the load on our PIX so we have decided to install a second PIX 515E on our network to handle VPN traffic. The original PIX is the gateway for all internal network devices. Both PIXs have their inside interface on the same network.

We are using both site-to-site and remote client VPNs. The remote client VPN works correctly but the site-to-site VPN only works if the gateway address on our internal network is changed to the second PIX.

Is this configuration valid or do I need to install another interface into the first PIX, connect the second PIX to that, and route the traffic through there?

Regards,
Ron

 

[LarryTheCucumber]

We have three PIX on our network doing this. All we needed to do was make sure we had a route to the remote sites with the gateway set to the secondary or tertiary PIX.

 

[RonGA]

I have an inside interface static route in the primary PIX set that way. When I added it I was able to Ping the remote network but normal traffic won't flow.