how to create vlan on pix-6.3? i am bit confused.
how do i assign a single internet face with multiple ip address(not secondary IP address) for each & every vlan?
how to i connect to the switch, i mean if i put "switch port mode trunk" on the switch side, what command should i need on the PIX "inside" interface? in router the command is "encapsulation dot1Q 1"
also is there any restrictions that only limited vlans can be created or it is unlimited?
When you configure your interface, you usualy do it like that
interface ethernet0 auto
interface ethernet1 auto
Let's say that ethernet1 is a trunk with 2 vlan and a native vlan, you need to add to your config:
interface ethernet1 vlan100 logical
interface ethernet1 vlan200 logical
After that you need to name those interfaces and set the security level.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif vlan200 V200 security4
nameif vlan100 V100 security6
This configuration will give you an interface(eth1) with 1 native vlan(inside) and 2 tagged vlan(v200 and v100)
PIX will not negociate a trunk, your switch config is correct.