2 PIX Same COnfig, though 1 not connected to 'real' outside? Does not work?

How is the routing set up on your servers?

On the inside network, the routers and servers do not know that PIX2 Exists. Though they are on the Same Physical Subnet.

Though I though that since the PIX is doing the Address translations from the outside to the inside, the request would originate from PIX2 which is on the same subnet and just return the reply to PIX2.

So I have Router: 10.1.0.1 255.255.0.0 PIX1: 10.1.0.2 255.255.0.0 PIX2: 10.1.0.4 255.255.0.0 WWWServer: 10.1.0.10 255.255.0.0 192.168.0.10/24 MailServer: 10.1.0.11 255.255.0.0 192.168.0.11/24

Both PIXs have the same static table: static (inside,outside) WWWServer_o WWWServer_i netmask 255.255.255.255 0 0 static (inside,outside) MailServer_o MailServer_i netmask 255.255.255.255 0

So both PIXs are responding to 192.168.0.10. Though is that address the one that is used to route the reply back out to the internet? Even so, wouldn't it be via the MAC address of the PIX2 and go back to PIX2 to reply?

So here is another question, How do I test the new PIX with the same Config without taking down the network??

Thanks, Scott >>Inside ----PIX1-----Outside

Okay, so I think I found (part) of the issue.

I created a Static Route for the Outside IP address I'm using on my Test laptop, so that the Router and PIX1 know to pass the traffic to PIX2 for anything destined to that IP.

I can now surf to Web pages on the Inside from Outside2. Now to get VPN to work.

Thanks,