11-10-2004 08:23 AM
We run our VPN service off our PIX 525s. The PIX is currently giving out the IP addresses for the VPN IP's.
Can I put that IP range in its own VLAN? Can I trunk to a PIX using DOT1Q on the switch?
Solved! Go to Solution.
11-10-2004 10:59 AM
You could put the client IP range in its own VLAN, but make sure you announce this route to your core network, via static route.
802.1Q is also being supported in 525 platform:
Virtual LAN (VLAN)-based virtual interfaces
Provides increased flexibility when defining security policies and eases overall integration into switched network environments by supporting the creation of logical interfaces based on IEEE 802.1q VLAN tags, and the creation of security policies based on these virtual interfaces
Supports multiple virtual interfaces on a single physical interface through VLAN trunking
Supports multiple VLAN trunks per Cisco PIX Security Appliance
Supports up to 10 VLANs on Cisco PIX 525 Security Appliances
11-10-2004 10:59 AM
You could put the client IP range in its own VLAN, but make sure you announce this route to your core network, via static route.
802.1Q is also being supported in 525 platform:
Virtual LAN (VLAN)-based virtual interfaces
Provides increased flexibility when defining security policies and eases overall integration into switched network environments by supporting the creation of logical interfaces based on IEEE 802.1q VLAN tags, and the creation of security policies based on these virtual interfaces
Supports multiple virtual interfaces on a single physical interface through VLAN trunking
Supports multiple VLAN trunks per Cisco PIX Security Appliance
Supports up to 10 VLANs on Cisco PIX 525 Security Appliances
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide