First, the remote network can't access anything inside the firewall without
static/conduits or ACLs set up if it is on a lower security interface than
the internal network you are trying to access from there.
Anything coming from the outside interface into the PIX should have static
routes or RIP (eww) set up so it knows which interface to forward to coming
in (DMZ, internal network, etc).
Hopefully I didn't miss anything in this thread and went off on a tangent ;)
----- Original Message -----
From: "Keith Whitfield" <[EMAIL PROTECTED]>
To: "Howard C. Berkowitz" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, January 18, 2001 3:28 PM
Subject: Re: routing problem.
> Hi..
>
> I think I missed something in the question. The setup I gave in
> my earlier posting is a part of the actual setup, which is
>
> Internet---3640router---pix---router---T1 link----router--LAN.
>
> There are 2 more interfaces(DMZs) on the PIX apart form this
> connection. Basically we are trying to make the remote LAN to
> talk with the internal hosts/servers on the other DMZs. SO, I
> already ahve a static route on the PIX to point at the 3640.
>
> Now, by a static route from the central router to the LAN, how
> will the PIX know to route the traffic of the remote LAN to the
> Ethernet of the router connected to teh PIX?
>
> ALso , can I point to the Ethernet of the central router to
> route the traffic from the remote office? since, ethernet is not
> directly connected to the link.
>
> I think I am missing some basic routing theory here.
>
> Let's give some ip addresses to this problem.
>
> PIX interface to Ethernet of router - 172.18.31.1
> ethernet Interface if router----------172.18.31.2
> Serial of Router to T1 link-----------172.18.30.1
> Serial of router(remote) t1 link------172.18.30.2
>
> Lan subnet of remote router-----------172.18.40.0
>
> I am a bit new to this and am i confused? I think so..:-)
>
> Regds
> Keith
>
> --- "Howard C. Berkowitz" <[EMAIL PROTECTED]> wrote:
> > >Hi Group,
> > >
> > >I have a setup something like this.
> > >
> > >PIX---(eth)Router----T1 link---Router---LAN(remote site)
> > >
> > >The requirement si that I a should be able to see the LAn at
> > >remote side on the PIX interface that is connected to the
> > >Ethernet of the router at the central office.
> >
> > Does "see the LAN" mean have routing to it, or, for some
> > reason, are
> > these supposed to be on the same subnet?
> >
> > Without further information, I'd point a static route from the
> >
> > central router to the LAN, and a default route to the central
> > router
> > Ethernet from the remote.
> >
> > >If I enable
> > >routing to route the network at the remote site out of the
> > >ethernet interface connected to the PIX, will the pix be able
> > to
> > >see that network? If, not, then can I make the Pix interface,
> > >the router ethernet and the remote LAN all belong to the same
> > >subnet? I haven't configured any kind of bridging till now.
> > >Can anyone please suggest me to a link where I can study to
> > get
> > >this setup working. Any help is appreciated.
> > >
> > >Thanks in advance.
> > >
> > >Regards
> > >Keith
> > >
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
>
>
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
