PIX can't route back on the same interface.
Hence this does not work. So workaround will be to let
router be gateway to your subnet & PIX be gateway to
router. Router can route to remote subnet accross
point to point link as well as to PIX.
Hope this helps.
--- Bob Nawrocki wrote:
> We have a Pix firewall that is serving as a default
> gateway to the Internet
> as well as providing ipsec tunnel connectivity to
> several remote offices for
> serveral hosts on a subnet. On the same subnet we
> have a 2600 providing a
> point to point wan link. I added a route to the Pix
> on the inside interface
> to point to the 2600 for the wan route. I am still
> not able to connect to
> that subnet unless i add a specific route on the
> hosts. When running debug
> logging on the Pix I get the following output:
>
> 106011: Deny inbound (No xlate) icmp src
> inside:10.111.1.55 dst
> inside:10.112.3.3 (type 8, code 0)
>
> Any thoughts?
>
> Bob Nawrocki
> CCNP CCDP
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17362&t=17242
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
