cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3807
Views
5
Helpful
7
Replies

PIX 501 and VLANs.

johnleeee
Level 1
Level 1

Hi all,

I need help. We have one PIX 501 which

connects our internal network to Internet.

But we need to create two VLANs.

And PIX 501 doesnt do this.

Any suggestions?

BR

jl

7 Replies 7

andrew.prince
Level 10
Level 10

Purchase a PIX 506!

HTH.

That's good idea.

Is any other solution?

BR

jl

The PIX 501 does not support VLAN's, if you have to have 2 VLANS's, you could use a router. If you have a router in the network or lying about doing nothing, you can configure the router to be the routing device between the VLAN's. You could also use any kind of switch that supports layer 3 routing?

Do you have a router or switch available?

Hi Andrew,

thanks a lot for advice. I was thinking about

buying new L3 switch but maybe better solution will be to buy new PIX 506E.

What do you think about this solution?

Answer to your question:

Now we have not router or L3 switch.

BR

jl

John,

You can purchase a 506 - that will give you the vlan funtionality, and you could buy a L3 switch which will also give you vlan capabilities.

However if you want to keep the costs down - you could just buy a router, which will give you all the inter-vlan routing capability you need....as long as you have a switch that supports 802.1q vlan trunking?

If not - you would be better off with a L3 switch!

HTH.

Agree with Steven, most if not all of our recommendations to clients is to use the newer asa firewall products in a migration path, beside, not will the asa5505 provide you with up to 20 virtual interfaces with Sec plus license, but other numerous features pix code 6.3(5) does not come close to providing.

Ultimatelly the pix 506 cannot go beyond code 6.3(5) and probably give you up to 2 vlans maximun, and from clients experience out there they end up in a dead lock when needing new features, you want to have a product in your network whether is small that would be able to move forward with 7.x/8.x codes.

If the above is not of a concern at all, then what Andrew sugested would work.

Rgds

-Jorge

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: