Re: Routing updates through a firewall

From: Danshtr (danshtr@gmail.com)
Date: Mon Aug 22 2005 - 04:01:01 GMT-3


Another option will be using PBR to route traffic through the PIX.

All you need is a router with 4 interfaces: (copy the diagram to notepad to
view it correctly)

+------------------+
intrAnet | | intErnet
..............| ........................
PBR - send to inside Router | PBR - send all to outside
| |
|'''''''''''''| ..............
| | | |
| +------------------+ |
| |
| |
| |
| |
| |
| +------------------+ |
| inside | | outside |
| | PIX .............|
+-------------+ |
+------------------+

Traffic from the router's intrAnet will be PBR to the PIX inside interface.
Traffic from the PIX's outside interface will be just routed.
Traffic from the router's intErnet will be PBR to the PIX outside interface.
Traffic from the PIX's inside interface will be just routed.

That way the PIX has a minimal routing table, and the router is doing all
the routing job.
In order to prevent the traffic bypassing the PIX when the PIX is down, the
PBR should first point to the PIX's IP address and then point to a special IP
address which should be static routed to NULL.

HTH...

On 8/20/05, cciein2006@yahoo.com <cciein2006@yahoo.com> wrote:
>
> Hello Group,
>
> I am hard pressed to find any documentation regarding routing updates
> through a firewall, particularly passing internet routing updates through a
> PIX.
>
> I would like to pass BGP routes from one location to another using the
> internal network.
>
> As far as I know, PIX supports the RIP and OSPF protocols. Does it make
> sense to redistribute BGP into OSPF and back into BGP again?
>
> What is the best way to achieve this?
>
> Thanks!

--
Best regards,
Dan
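
The arrangement described in the message above, written out as a Cisco IOS router configuration. This is an added example, not configuration from the original post: the interface names, addresses, ACL number, route-map names and the "special" fallback address 192.0.2.254 are all constructed assumptions.

```ios
! Constructed addressing (assumptions, not from the message):
!   FastEthernet0/0  intrAnet          10.1.0.1/24
!   FastEthernet0/1  intErnet          198.51.100.1/30
!   FastEthernet1/0  to PIX inside     10.255.1.1/30  (PIX inside  = 10.255.1.2)
!   FastEthernet1/1  to PIX outside    10.255.2.1/30  (PIX outside = 10.255.2.2)
!   192.0.2.254      "special" address used only as the fallback next hop
!
! The special address is static routed to Null0, so traffic handed to it
! is discarded instead of following the normal routing table past the PIX.
ip route 192.0.2.254 255.255.255.255 Null0
!
! Match everything arriving on the policy-routed interfaces.
access-list 101 permit ip any any
!
! Next hops are listed in order: the PIX first, then the null-routed address.
route-map VIA-PIX-INSIDE permit 10
 match ip address 101
 set ip next-hop 10.255.1.2 192.0.2.254
!
route-map VIA-PIX-OUTSIDE permit 10
 match ip address 101
 set ip next-hop 10.255.2.2 192.0.2.254
!
interface FastEthernet0/0
 description intrAnet - PBR to PIX inside
 ip address 10.1.0.1 255.255.255.0
 ip policy route-map VIA-PIX-INSIDE
!
interface FastEthernet0/1
 description intErnet - PBR to PIX outside
 ip address 198.51.100.1 255.255.255.252
 ip policy route-map VIA-PIX-OUTSIDE
!
! No policy on the PIX-facing interfaces: traffic the PIX has already
! inspected is forwarded by the ordinary routing table.
interface FastEthernet1/0
 description to PIX inside - plain routing
 ip address 10.255.1.1 255.255.255.252
!
interface FastEthernet1/1
 description to PIX outside - plain routing
 ip address 10.255.2.1 255.255.255.252
```

`show ip policy` and `show route-map` confirm that the policies are attached and matching. How the router decides that the first next hop is unusable varies by IOS release, so the PIX-down case should be tested in a lab before relying on the drop behaviour.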

