Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
289
Views
0
Helpful
1
Replies

Installing Gig Interfaces

gfrizz17
Level 1
Level 1

‎07-22-2005 12:22 PM - edited ‎03-09-2019 11:55 AM

I have a Pix 525 (still currently running 6.1...plan to go to 6.3 very shortly). I currently have the standard E0/Outside, E1/Inside and E3/DMZ interfaces. I plan to replace the two PCI FE cards with two new PIX-1GE-66 interfaces which I want to be my inside and outside interfaces (we have gig capabilities to various outside collaborators and the current FE E0 interface is the only bottleneck). My current DMZ E3 interface is one of the FE interfaces that will be replaced by one of the GB interfaces. Leaving me now with only the two GB and the two built-in.

I simply planned on making one of the new GB interfaces security 1 and the other security 99. But, according to the 6.3 command reference guide, the security for the built-in E0/E1 interfaces cannot be changed. The problem is, I now need to use one of the built-in E0 or E1 interfaces for my DMZ but cannot change the security level to be above 1 or below 99.

Reading the command reference guide for 7.0, it appears this restriction of not being able to rename and or change the security levels for the built-in E0 and E1 are gone. I came to this conclusion because the 6.x notes specifically mentioned the built-in E0 can be renamed but cannot have it's security changed and E1 cannot have either changed but no mention of this restrictions in the 7.0 command reference guide.

Is this true? If so, would you recommend going from 6.1 to 6.3 to 7.0 considering my dilemma?

Thanks!

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎07-25-2005 08:51 PM

earlier it used to be that e0 was outside, and e1 was inside defaulted. then this restriction was lifted so any interface can be inside or outside. the security level still remains the same though. for outside it will be 0 for inside it will be 100. this is the same for 6.3 or 7.0

I dont think it is true that security of builtin interface cant be changed. with 6.x code you should be able to assign any interface any security. the only restriction is that inside will remain security 100 and outside remains security 0

In any case I would advise you to proceed with 7.0 code, why upgrade to 6.3, 6.x code will eventually be phased out and you have to upgrade again.

0 Helpful
Customers Also Viewed These Support Documents