1 router, 2 gateways?

[oddyager]

Is it possible to route traffic destined for one remote site through one PIX and any other traffic (internet) to go through another PIX, if both PIX devices were connected to the router itself? Like in the diagram below:

Remote Site
||
||
vpn tunnel
||
||
pix501A
|
|
2600 Router ---- pix501B ----- Internet
|
|
LAN

 

[spidey07]

yes. you just use static routes to send the traffic where you want depending on the desination network

so on your 2600 you'd have a route to the remote site with a next hop of pix501a. You would probably also have a default route 0/0 with a next hop of pix501b.

 

[oddyager]

Awesome. Thanks. So it'll be something like:

Remote Site: 10.5.0.0/16
LAN: 10.1.0.0/16
Cisco 2600: 10.1.0.1
PIX501A: 10.1.0.2
PIX501B: 10.1.0.3

and on the router I would add:

ip route 0.0.0.0 0.0.0.0 10.1.0.3
ip route 10.5.0.0 255.255.0.0 10.1.0.2

?

 

[spidey07]

you got it

you can verify your routes with "show ip route"

just remember that you'll have to concern yourself with the "return path", just because you can route somewhere doesn't mean a packet knows how to come back. so you'd probably have a default route on both pixes. pix501b would need a route for your internal lan 10.1.0.0/16.