03-08-2005 05:45 AM - edited 02-20-2020 11:59 PM
If I'm using the Transparent Firewall capability of the PIX, can I have multiple VLANs hanging off the inside interface? I know the management IP of the PIX has to be on the same network as the IP's that connect to manage.
It would seem logical if it's just an inline layer 2 device, it would be able to sit on the perimeter of a newtork that has multiple VLANs inside.
thanks,
biz
03-08-2005 09:04 AM
As you say, if it's just an inline layer 2 device - a very fancy cable - how is it logical to connect to several vlan's at the same time?
Stated on the FOS capabilities in transparent mode, you can only have 2 interfaces - hence the fancy cable terminology.
What you can do is create several virtual transparent domains, each connecting one end to a common 'outside', and the other end to each protected VLAN.
Of course this could mean more $$$...
Daniel
03-08-2005 10:38 AM
My 2 cents: when you say multiple vlans, you keep in mind that there r vlan limitation w.r.t. interface no# a pix support, I ran into same probe few weeks ago, and now i throw my 515 in store cuze it cant handle my switched network , pix donot support real trunk, so a real transparent behavior (like a bump in wire thing) is not possible with pix 5xx series, yeah..you can go for FWSM, like i did, which solves this porbe
03-13-2005 09:51 PM
Shariqashfaq:
PIX 7.0 will support transparent firewall feature just as FWSM currently does.
Regards,
Binh
03-14-2005 06:00 AM
true BINH,
but where is it? I've been hearing that PIX 7 is releasing soon, soon and soon, but when...we dont know,,,mayb i'm a little behind on this news, did cisco announced the date of availability?
regards
shariq
03-14-2005 11:07 AM
Shariq:
The plan is to release it for download on CCO at the end of this month.
Best regards,
Binh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide