Or, god forbid, a conduit!

Ryan Leathers wrote:
Hey guys.  Sorry I am a little late with this thread.  I usually try to respond to 
routing / networking questions on this list since that's sorta my "thing".

The PIX can route just fine.  The thing that is unique about a PIX compared to a 
"normal" layer 3 device is that it has some special rules about its interfaces.
The inside interface is the highest level security interface.  The outside interface is 
the lowest.  On a PIX with more than 2 interfaces the others all get assigned relative 
security levels in between.

Traffic always gets to "ride for free" from a higher to a lower security 
interface.  However, in order for traffic to originate outside and pass from a lower to a 
higher security interface you need more than STATIC statements and a routing protocol (or 
static route statements).  You also require an ACL line to match traffic on the static in 
order for it to pass to the higher security interface.


-----Original Message-----
From: [EMAIL PROTECTED] on behalf of Rick DeNatale
Sent: Thu 6/22/2006 1:29 PM
To: Triangle Linux Users Group discussion list
Subject: Re: [TriLUG] Another Routing Question
On 6/22/06, Eric Gerney <[EMAIL PROTECTED]> wrote:
Brain,

So this makes me think it's something about the PIX........

Aside from PIX peculiarities, this should generally work, right?  Since
it works on the SonicWall'ed subnet..
Generally your configuration will work, however, the PIX is not _really_ a
router and it will _NOT_ route or redirect traffic back to the interface
it received a packet on.

So you guys got me to googling.

I don't know if it's relevant, but some might enjoy the "diagrams"

http://www.routergod.com/deniserichards/



--
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
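
The interface rules described in the thread above (higher-to-lower passes, lower-to-higher needs both a static and a matching ACL line, and traffic is never sent back out the interface it arrived on), modelled as an added example that is not part of the original messages and is not PIX code. The `Pix` class, the security level numbers, and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass
class Pix:
    """Toy model of the interface rules described in the thread (hypothetical)."""
    levels: dict                                  # interface name -> security level
    statics: set = field(default_factory=set)     # (high_if, low_if, mapped_ip)
    acls: dict = field(default_factory=dict)      # ingress if -> [(action, src_net, dst_ip, port)]

    def acl_permits(self, iface, src, dst, port):
        # First matching line wins; falling off the end is an implicit deny.
        for action, src_net, dst_ip, acl_port in self.acls.get(iface, []):
            if (ip_address(src) in ip_network(src_net)
                    and dst == dst_ip and port == acl_port):
                return action == "permit"
        return False

    def decide(self, in_if, out_if, src, dst, port):
        if in_if == out_if:
            return "deny: not sent back out the receiving interface"
        if self.levels[in_if] > self.levels[out_if]:
            return "permit: higher to lower security level"
        # Lower to higher: a static alone is not enough, the ACL must match too.
        if (out_if, in_if, dst) not in self.statics:
            return "deny: no static for destination"
        if not self.acl_permits(in_if, src, dst, port):
            return "deny: static present but no ACL permit"
        return "permit: static and ACL both match"


# Constructed sample: assumed levels and documentation-range addresses.
pix = Pix(levels={"inside": 100, "dmz": 50, "outside": 0})
pix.statics.add(("inside", "outside", "203.0.113.10"))

if __name__ == "__main__":
    flow = ("outside", "inside", "198.51.100.7", "203.0.113.10", 80)
    print("static only:  ", pix.decide(*flow))
    pix.acls["outside"] = [("permit", "0.0.0.0/0", "203.0.113.10", 80)]
    print("static + ACL: ", pix.decide(*flow))
    print("inside -> out:", pix.decide("inside", "outside", "192.168.1.5", "198.51.100.7", 80))
    print("hairpin:      ", pix.decide("inside", "inside", "192.168.1.5", "192.168.2.9", 80))
```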
