PIX subinterface and "switchport mode" conflict

Unanswered Question
Aug 31st, 2007
User Badges:

I created a subinterface on a PIX-515E (7.2.2) but I cannot arping it unless I set the switch port to "switchport mode trunk".

But then the main interface on the PIX stops working, failover claims the status of the main interface is "unknown" and the firewall does not pass traffic.

Set the port back to "switchport mode access", the firewall starts working fine again, but the subinterface is not accessible anymore.

Any suggestions?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
purohit_810 Fri, 08/31/2007 - 12:32
User Badges:
  • Silver, 250 points or more

Port bydefault been in access mode, if you have configured it in TRUNK that need to give access command otherwise don't.

See in attachment how can you use the same command:

hostname(config-if)# interface ethernet 0/1

hostname(config-if)# switchport mode trunk

hostname(config-if)# switchport trunk allowed


Dharmesh Purohit

sundar.palaniappan Fri, 08/31/2007 - 15:01
User Badges:
  • Green, 3000 points or more

Configure these two commands on the 2960 switchport that connects to the PIX and try.

switchport trunk encapsulation dot1q

switchport mode trunk




This Discussion