Jamie, Not quite...what you can do, however, is have all traffic go through one PIX and have another PIX as a failover. In this scenario, if one PIX would fail, the other could kick in--in this scenario, only one PIX is active. Of course, this still presents a problem of an exit path--by default, the active PIX would choose its defalt route and thus you would lose load balancing out your two exit points. The PIX does support passive RIP, so this might help. Or you could configure static routes...but you would, unfortuantely, not have any ability to route based on the source of the address--only your Cisco routers have this ability. And perhaps in the upcoming 6.3 release, OSPF might be introducted (--might--), but don't hold your breath.
Hope this helps! Cheers! -- Richard A. Deal Visit my home page at http://home.cfl.rr.com/dealgroup/ Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco exams on the market. ""Arnold, Jamie"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have a situation that I hope some of you might shed some light on. We > have 2 points of ingress to our campus. One OC3 (Nycernet) for internet 2 > and one (Time Warner) Our commodity edge consists of a 7200 router then > the PIX. The I2 edge is just a 7200 series router. Our problem is that > with certain sites, traffic going out on the I2 OC3 is returning via our > commodity OC3 and the pix drops it as it didn't see it originating on the > inside (syn-ack without syn) I recognize that the bigger problem may be > with the way these sites are being routed back to us, but I have little > control over that for now. Both edge routers use BGP for updates. I'm > looking for a solution. Can I install another PIX on the OC3 side and > somehow have the 2 PIX boxes talk to each other and update each others Xlate > tables? > > Any suggestions would be appreciated > > Thanks > > Jamie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62105&t=62100 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
