PIX 535

Unanswered Question
Feb 15th, 2007

Can you configure a pix 535 with gigabit modules and use the inside and ouside as the gigabit modules and not the on board ports

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 02/15/2007 - 01:53

Hi

Not 100% sure what you mean by modules ?

You can certainly use gigibit ports in the Pix535 for the outside and inside interfaces.

HTH

Jon

network_team Thu, 02/15/2007 - 02:16

Hi sorry for the confusion:

The pix 535 comes with two built in 10/100 ports. I plan to purchase and install gigabit modules. I wish not to use the inside and outside built in 10/100 ports and wish to configure the gigabit modules 10/1000 and the inside and outside. Is this possible

Jon Marshall Thu, 02/15/2007 - 02:25

Hi

No problem. Yes you can do this. From one of our production Pix 535 firewalls:

PIX Version 6.3(1)

interface gb-ethernet0 1000full

interface gb-ethernet1 1000full

interface gb-ethernet1 vlan191 physical

interface gb-ethernet1 vlan181 logical

interface ethernet0 100full

interface ethernet1 auto shutdown

nameif gb-ethernet0 outside security0

nameif gb-ethernet1 inside security100

nameif ethernet0 state-fail security10

nameif ethernet1 spare security50

nameif vlan181 dbase_inside security95

HTH

Jon

daviddtran Thu, 02/15/2007 - 05:08

Well, you can use the Gig interfaces for inside

and outside with 6.x and 7.x. However, there

are a LOT of caveats that you have to be aware

of. I am assuming that you're using the gig

interfaces in the 66Mhz slots.

If you decide to upgrade from 6.3(x) to 6.3(5) or to 7.x, in monitor mode, you will NOT see the Gig, interfaces, only the Fast Ethernet, assuming that you have the Fast Ethernet in the 33Mhz slot. If you have the Fast Ethernet in the 66Mhz bus as well, you are F!.

This is the limiting architecture of the Pix.

David

network_team Thu, 02/15/2007 - 05:53

Thanks all for the information:

Do you know if you can buy ethernet gigabit ports for pix535 and what is the name ?

bvsnarayana03 Sat, 02/17/2007 - 23:33

As said by David, ensure u r using 66MHz slots on Pix for gig interfaces. Also take backup of your pix before adding cards & naming them.

Once you change the the interface names of gig to inside & outside, your old config will change.

If u r taking downtime from production, make sure u hv enough downtime in hand.

Regards,

Actions

This Discussion