10-26-2007 06:54 PM - edited 03-09-2019 07:07 PM
Hi,
I just inserted a PIX-4FE-66 ethernet card in my pix 515 firewall. in additon to eth0 en eth1 i now see another interface inf2. Wasn't i supposed to see 4 extra ethernet ports? ho do i confire the card. also i dont know which port is
either E2, E3 etc. can someone shed some light in this for me please.
Thanks.
Solved! Go to Solution.
10-27-2007 06:56 PM
Greg, you will need license part# PIX-515-SW-R-UR= , to convert (R)Restricted to UR .
Please rate helpfull posts
Rgds
Jorge
10-26-2007 08:05 PM
Greg,
you should see a total of six physical interfaces like bellow :
e.g issue " show version "
0: ethernet0: address is 000c.8549.881f, irq 10
1: ethernet1: address is 000c.8549.8820, irq 11
2: ethernet2: address is 00e0.b606.d2a3, irq 11
3: ethernet3: address is 00e0.b606.d2a2, irq 10
4: ethernet4: address is 00e0.b606.d2a1, irq 9
5: ethernet5: address is 00e0.b606.d2a0, irq 5
name the inerface with name of your choice , we'll use DMZ and give security level of 50
nameif ethernet2 DMZ security50
interface ethernet2 100full
ip address DMZ 10.10.10.200 255.255.255.0
In the back of firewall facing the PIX-4FE-66 card I believe the 1st port from left to right is FE2 but to verify connect that interface into a switch, shutdown the switchport , then connnect to firewall and issue " show interface " it should say "interface ethernet2 DMZ is down, line protocol is down " bring up the switchport and look again.
HTH
Jorge
10-27-2007 03:40 AM
Jorge,
I did a sho version command and got the following:
User Access Verification
Password:
Type help or '?' for a list of available commands.
venus> ena
Password: ******
venus# sho ver
Cisco PIX Firewall Version 6.3(4)
Cisco PIX Device Manager Version 3.0(2)
Compiled on Fri 02-Jul-04 00:07 by morlee
venus up 10 hours 23 mins
Hardware: PIX-515E, 32 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 000f.9001.52d1, irq 10
1: ethernet1: address is 000f.9001.52d2, irq 11
2: ethernet2: address is 000f.a3e9.c48c, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Disabled
Maximum Physical Interfaces: 3
Maximum Interfaces: 5
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
is it because of the Maximum Physical Interfaces: 3 ? if so what must i do to increase this?
Thanks so much for your advise
Greg
10-27-2007 05:34 AM
You have a (R) restricted license, this is why you are limited to physical interfaces.
You would nee to upgrade license to UR at least to enable the 6 maximun physical interfaces.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html
10-27-2007 06:56 PM
Greg, you will need license part# PIX-515-SW-R-UR= , to convert (R)Restricted to UR .
Please rate helpfull posts
Rgds
Jorge
10-29-2007 09:55 AM
Jorge,
Thansk a lot. I stil lhave a quick question:
Is it possible to have 2 outside interface for a pix? i want to have to connections to the internet on the pix.
10-29-2007 10:02 AM
Yes you can as a redundant or backup ISP link, you cannot do policy base routing as PIX/ASA does not support it, you would have to go different way by placing router in front of pix/ASA and do some kind of BGP multihoming with multiple ISPs.
[edit]
Thanks for the rating.
Rgds
Jorge
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide