| Multiple ISP links with PIX I currently have:
T1->2610->Pix515E w/6 Physical Interfaces->3550 Switch
We are using NAT on the PIX for our Internet connection. We are also have an IPSec VPN on the PIX going to other sites with PIX.
Issue: I want to add a DSL line and have some internal hosts use the DSL for Internet while other hosts (servers) use the T1. It is sort of load balancing but more static.
I have looked at using HSRP but that does not work in this scenario. Any ideas?
JS |
|
 WireHeadHayabusa EaterPremium
join:2001-05-09
Muncie, IN | can't you have DHCP issues a different gateway for those boxes? perhaps different gateways for different client types. |
|
|
|
| It is not a problem to have different gateways; the servers are static and they will use the T1, the clients are DHCP and they will use the DSL. I can staticly assign the servers gateway and DHCP a different gateway for the clients. That is not the issue.
The problem is the PIX cannot have more than one default route, so going through it I have no way to direct some clients to one interface and others clients to the other interface.
JS |
|
aryobaPremium,MVM
join:2002-08-22
kudos:1 | Use the 2610 Don't use the PIX to do the job then. Let the 2610 does it ...  |
|
jdmatl
join:2000-04-27
Deerfield Beach, FL | reply to joeshook
Re: Multiple ISP links with PIX got around $1,700.00?
»www.firewalls.com/pc/viewPrd.asp···duct=129
This will let you load balance your connections.
You have to have something load balancing between the different WAN circuits before it gets to the pix.
t1
|
2600
|
--LoadBalancer--pix
|
dsl |
|
| reply to joeshook
aryoba is right - what you want to do is route requests based on source IP - not destination IP - so routing is not going to help here (unless as someone suggested, you assign two different DG address - and even then, can't do what you want on the PIX).
workaround: do it on the 2610 - connect the ADSL line to the 2610 and then do policy routing to send traffic either thru the T1 or the ADSL link |
|
