Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
1
Replies

vlan with Pix

muaida_mgl
Level 1
Level 1

‎06-21-2006 09:05 PM - edited ‎02-21-2020 12:59 AM

hello, i need an help to configure my ISP scnerio, in our scnerio Perimiter router is connected with pix out interface and pix in intrface is conected with switch and Servers are DMZ on third interface on the other hand switch is connected with other networks via vlan it is 2950 cisco switch. my question is that can i connect trunk port of switch with Pix 515E? Pix 515E can support intervlan routing? if it can support can u plz give an example?

thanks

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎06-21-2006 09:38 PM

Sure it can. Upgrade it to v7 and then follow this link:

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/conf_gd/general/intparam.htm#wp1051819

Basically set up a trunk port between the PIX and the switch. Let's say you plug that trunk port into Fastethernet0 on th ePIX, your config then looks like:

interface fastethernet0

   no shut

interface fastethernet0.20

   vlan 20

   nameif inside

   ip address x.x.x.x

   security-level 100

interface fastethernet0.30

   vlan 30

   nameif dmz1

   ip address y.y.y.y

   security-level 50

interface fastethernet0.40

   vlan 40

   ip address z.z.z.z

   nameif dmz2

   security-level 60

You can just add as many sub-interfaces as you like, and add that vlan to the trunk from the switch. The PIX treats these sub-interfaces just like any separate interface and will route between them as normal. Same security level procedures apply just like any other interfaces on the PIX.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card