RE: [cisco-ttl] PIX uzerinde ISP redundancy

From: Hakan Tagmac (htagmac) <htagmac_at_....>
Date: Thu May 25 2006 - 14:54:11 EEST


Metro switch'i bir bgp routerına baglasanız, o bgp router metro uzerinden bgp routelarını alsa ve aynı zamanda diger bir hattan baska bir SPye baglansa ve oradan da baska bgp routeları alsa ve kendisi farklı aglara erisim icin ya metro baglantısını ya da sp'yi kullansa bu bir yol olabilir. Pix'te sadece tek default route olabileceginden boyle bir yolla cozulebilir.  

BGP yapma imkanı yoksa, o router uzerinde policy routing yapılarak sozgelimi bazı kaynaklardan gelen erisimi metro uzerinden gonderirken digerlerini sp uzerinden gonderebilir.  

PIX 7.0'a cekilirse aktif aktif calısabilir.  

iyi calısmalar,  

Hakan  


From: cisco-ttl@yahoogroups.com [mailto:cisco-ttl@yahoogroups.com] On Behalf Of Abdullah Haltas Sent: Thursday, May 25, 2006 9:39 AM
To: cisco-ttl@yahoogroups.com
Subject: [cisco-ttl] PIX uzerinde ISP redundancy

Merhaba,

Elimizde failover calisan iki adet pix 525 var, (sh ver ciktisi asagida) mevcut durumda uzerinde bir ISP sonlandirilmis durumda. Yeni aldigimiz metro etherneti de pix uzerinde sonlandirip, ISP redundancy saglamak, ayni anda hem ISP hem metro etherneti kullanmak istiyoruz. Pix uzerinde boyle bir tanimlama yapabilir miyiz? Tesekkur eder, iyi calismalar dilerim....

Abdullah HALTAS



PIX525# sh ver

Cisco PIX Firewall Version 6.3(4)
Cisco PIX Device Manager Version 3.0(2)

Compiled on Fri 02-Jul-04 00:07 by morlee

PIX525 up 20 days 0 hours

Hardware: PIX-525, 256 MB RAM, CPU Pentium III 600 MHz Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

0: ethernet0: address is XXXXXXXXXXXXX, irq 10
1: ethernet1: address is XXXXXXXXXXXXX, irq 11
2: gb-ethernet0: address is XXXXXXXXXXXXX, irq 10
3: gb-ethernet1: address is XXXXXXXXXXXXX, irq 5
4: gb-ethernet2: address is XXXXXXXXXXXXX, irq 11
Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Disabled
Maximum Physical Interfaces: 8
Maximum Interfaces:          12
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited

This PIX has a Failover Only (FO) license.

Serial Number: XXXXXXX)
Running Activation Key: XXXXXXXXXXXX
Configuration last modified by enable_15 at 15:44:52.607 UTC Thu May 11 2006 PIX525#


[Non-text portions of this message have been removed]

--
Cisco Teknik Tartisma Listesi (Cisco-ttl)

Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk 
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da 
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar. 




SPONSORED LINKS 
Communication and networking <http://groups.yahoo.com/gads?t=ms&k=Communication+and+networking&w1=Communication+and+networking&w2=Cisco+systems+inc&w3=Wireless+communication+and+networking&c=3&s=100&.sig=pp-tTYdSpCcXkj1Wpfy1NA>  	Cisco systems inc <http://groups.yahoo.com/gads?t=ms&k=Cisco+systems+inc&w1=Communication+and+networking&w2=Cisco+systems+inc&w3=Wireless+communication+and+networking&c=3&s=100&.sig=Ry1fFVFpPg35KJkBQNAMtg>  	Wireless communication and networking <http://groups.yahoo.com/gads?t=ms&k=Wireless+communication+and+networking&w1=Communication+and+networking&w2=Cisco+systems+inc&w3=Wireless+communication+and+networking&c=3&s=100&.sig=Dh9JLSYtuTEz5xgUYupDyA>  	

________________________________

YAHOO! GROUPS LINKS 


	
*	 Visit your group "cisco-ttl <http://groups.yahoo.com/group/cisco-ttl> " on the web.
	  
*	 To unsubscribe from this group, send an email to:
	 cisco-ttl-unsubscribe@yahoogroups.com <mailto:cisco-ttl-unsubscribe@yahoogroups.com?subject=Unsubscribe> 
	  
*	 Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service <http://docs.yahoo.com/info/terms/> . 


________________________________




[Non-text portions of this message have been removed]






------------------------ Yahoo! Groups Sponsor --------------------~--> 
Home is just a click away.  Make Yahoo! your home page now.
http://us.click.yahoo.com/DHchtC/3FxNAA/yQLSAA/26EolB/TM
--------------------------------------------------------------------~-> 

--
Cisco Teknik Tartisma Listesi (Cisco-ttl)

Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk 
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da 
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar. 
Yahoo! Groups Links


<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
<*> To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
Received on Thu May 25 23:31:22 2006

This archive was generated by hypermail 2.1.8 : Thu May 25 2006 - 23:31:26 EEST