RE: How to enable one-arm routing in PIX

From: Pun, Alec CL (Alec.CL.Pun@pccw.com)
Date: Tue Jan 20 2004 - 23:55:11 GMT-3

• Next message: Kenneth Wygand: "RE: Split horizon"
• Previous message: David Porta: "Split horizon"
• Maybe in reply to: Scott Morris: "RE: How to enable one-arm routing in PIX"
• Next in thread: Kenneth Wygand: "RE: How to enable one-arm routing in PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

How about any way to enable icmp redirect in PIX ? I mean on the inside
interface.

-----Original Message-----
From: Dave Swink (dswink) [mailto:dswink@cisco.com]
Sent: Wednesday, January 21, 2004 12:18 AM
To: 'Scott Morris'; 'Driessens.Hans'; 'Pun, Alec CL';
ccielab@groupstudy.com
Subject: RE: How to enable one-arm routing in PIX

Hans,

Good idea, unfortunately it does not work. The PIX does not allow
routing in and out of the same PHYSICAL interface. The was my experience
with it, at least. If someone can make it work, please share.

Dave Swink, CCIE #11678, CISSP

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Scott Morris
Sent: Tuesday, January 20, 2004 8:27 AM
To: 'Driessens.Hans'; 'Pun, Alec CL'; ccielab@groupstudy.com
Subject: RE: How to enable one-arm routing in PIX

That would be like multi-fingered routing. :)

-----Original Message-----
From: Driessens.Hans [mailto:hans.driessens@siemens.com]
Sent: Tuesday, January 20, 2004 9:03 AM
To: Scott Morris; 'Pun, Alec CL'; ccielab@groupstudy.com
Subject: RE: How to enable one-arm routing in PIX

Hi group

since ver 6.3 you can do trunking and make two logical interface on one
physical interface.... that looks like a onearmed router to me(one-armed
pix)

cheers
hans

-----Oorspronkelijk bericht-----
Van: Scott Morris [mailto:swm@emanon.com]
Verzonden: Tuesday, January 20, 2004 14:49
Aan: 'Pun, Alec CL'; ccielab@groupstudy.com
Onderwerp: RE: How to enable one-arm routing in PIX

Nope. Once it goes into the PIX on one interface it MUST exit via a
different interface. Your PIX is a firewall, not supposed to be a
router!
:)

Scott

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Pun, Alec CL
Sent: Tuesday, January 20, 2004 5:31 AM
To: ccielab@groupstudy.com
Subject: OT : How to enable one-arm routing in PIX

Hi group,

Any method to enable one-arm routing in PIX ? It seems PIX by default
does not allow routing in and out using the same interface, e.g. inside.
Any way to bypass this restriction.

rgds,
alec

• Next message: Kenneth Wygand: "RE: Split horizon"
• Previous message: David Porta: "Split horizon"
• Maybe in reply to: Scott Morris: "RE: How to enable one-arm routing in PIX"
• Next in thread: Kenneth Wygand: "RE: How to enable one-arm routing in PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:48 GMT-3