Hi, actually i have this scenario:pix 515e version 6.2(2) with on board
6 interfaces but now configure with 3 interfaces (in this mode):INTERNET ROUTER (ETH 172.17.10.1) I I I I(OUTSIDE - 172.17.10.2) PIX -INTF2--.2--------------(172.17.12.0/29)--------.3(PARTNER) INSIDE (172.17.8.1/23) I I I I MY LAN
then 3 interfaces configuration without NAT. there are the static routes: route outside 0.0.0.0 0.0.0.0 172.17.10.1 1 route intf2 192.168.54.209 255.255.255.255 172.17.12.3 1 route intf2 192.168.129.0 255.255.255.0 172.17.12.3 1 route intf2 192.168.131.0 255.255.255.0 172.17.12.3 1 route intf2 192.168.134.0 255.255.255.0 172.17.12.3 1
traffic outcomes from my default gateway coming out from 172.17.10.1, traffic out/in from /to network 192.168.x.x/16 is forwarded from intf2 this scenario works well. but tomorrow i must add new two routers on 2 new interfaces and i would have this new scenario:
ISP ROUTER (.3 ) ISP ROUTER (.1) \\ I 172.17.14.0/30 \\ I 172.17.10.0/30 \\ I INTF3(.2) \\ I(OUTSIDE - .2) (PARTNER)(.3)(172.17.13.0/29)INTF5(.2)PIX-INTF2(.2)(172.17.12.0/29)(.3)(PARTNER) INSIDE (172.17.8.1/23) I I I I I MY LAN
and this would have to be future situation: the traffic that outcomes from 172.17.8.1/25 coming out from
172.17.10.1 the traffic that outcomes from 172.17.8.128/25 coming out from a new interface 172.17.14.3 except traffic out/in from 192.168.0.0/16 coming out from 172.17.12.3 traffic that outcomes from 172.17.9.1/25 coming out from interface 172.17.14.3 except traffic out/in 192.168.0.0/16 coming out from 172.17.13.3 traffic outcomes from 172.17.9.128/25 coming out from 172.17.10.1is it possible this scenario? can you help me with this configuration?obbligatory i use NAT?
sorry for my bad english... thanks in advance
Matt