Pix 515E + VLAN Question

tmwaller1
Level 1

Good morning,

As it stands now, I have about 5-10 servers that are now under the requirement of having access filtered by MAC address and by a firewall via access lists. Unfortunately, my experience with firewalls is a bit limited and I was hoping I could obtain some general suggestions on what steps to take. I have a reasonably fair grasp of how to set up the firewall and the VLAN but am not sure exactly what all needs to be done to complete my task.

Here's the setup at the moment:

Cisco 2700 switch with a VLAN set up already. The PIX 515E has the outside interface connected to the corporate LAN via the switch and the internal interface connected to the newly made VLAN. The outside interface of the firewall is 137.51.10.31 and the inside interface is 192.168.1.2. I am not using V2 for VTP and the switch is set in server mode.

As I said above, I'm in need of filtering access to the inside network of the PIX by MAC (using the switch and VLAN) and also by access list. The default gateway for the corporate network is 137.51.10.1 and we have no DNS servers on site; they are corporate, one having the address of 130.140.150.160 (changed). I would really appreciate any assistance in what steps to take to get connectivity to the servers through the VLAN (if possible) and the PIX. I've tried various setups on the firewall already and so far I just can't get through it to my servers. All I need is simple file-serving access at the moment.

Thank you for your help.

Edward Waller

2 Replies

aftermath
Level 1

Hi Edward,

You seem to explain what you are looking for pretty well, however I feel like I am missing something here (it could just be me).

Are you wanting to receive traffic on a single port from multiple VLANs?

I'm pretty much open to any possible solution but what I have setup now is the following:

Corporate Internet comes down into our main switch and feeds into my test switch. The test switch is split into 2 VLANs, VLAN 1 and VLAN 3. VLAN 1 has workstations and other various things that me and my coworker use, and includes the outside interface of the PIX and my personal workstation. VLAN 3 contains the inside interface of the PIX and a secondary workstation (in order to test connectivity and whatnot).

My idea was to use the VLAN to restrict access via MAC to VLAN 3 and to use the PIX for further security and to act as a gateway between the two VLANs. This might not be plausible or the best way...just the way I'm toying with now.

That is the kicker...if it was just a firewall in front of a group of servers, no problem. It's the fact of having to incorporate VLANs (or something else) to allow for MAC filtering.

Hopefully I made a bit more sense this time, if not I can always try again! Thanks for your quick response, it is much appreciated.

Ed
