×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Question on 802.1q and PIX

Answered Question

I was looking at this document about PIX and 802.1q VLAN trunking:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/bafwcfg.htm#1140519


In this example there is a server in VLAN1. The physical interface of the pix is put in VLAN2 and a virtual interface is created for VLAN3. How would the server in VLAN1 get to the devices in the other VLANs in this case? Am I missing something?


-TIA


Correct Answer by scoclayton about 13 years 9 months ago

Hi,


I think I understand your confusion. It looks to me like there is an error in Figure 2-9. The hosts above the distribution layer switch should be in VLAN 2 and VLAN 3 rather than VLAN 1 and VLAN 2. As you know, the default VLAN on any Cisco switch is VLAN 1 and we suggest that you not use this VLAN for anything in a production network. If you change the hosts in the figure to VLAN 2 and VLAN 3, does this example make more sense? In other words, look at the info and think about it as two seperate interfaces. Let me know if this is still not clear.


Scott


PS - I will open a bug to fix this example.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
scoclayton Mon, 11/24/2003 - 17:13
User Badges:
  • Gold, 750 points or more

Hi,


I think I understand your confusion. It looks to me like there is an error in Figure 2-9. The hosts above the distribution layer switch should be in VLAN 2 and VLAN 3 rather than VLAN 1 and VLAN 2. As you know, the default VLAN on any Cisco switch is VLAN 1 and we suggest that you not use this VLAN for anything in a production network. If you change the hosts in the figure to VLAN 2 and VLAN 3, does this example make more sense? In other words, look at the info and think about it as two seperate interfaces. Let me know if this is still not clear.


Scott


PS - I will open a bug to fix this example.

d-g-c Tue, 11/25/2003 - 08:50
User Badges:

On a similar subject what is the correct command line syntax for creating an 802.1q virtual interface on a PIX physical interface?


I'm struggling with the syntax show in the manual.


Peter.

scoclayton Tue, 11/25/2003 - 09:09
User Badges:
  • Gold, 750 points or more

Are you asking for something other than:


[no] interface hardware_id vlan_id [logical | physical] [shutdown]


Example:


interface ethernet0 vlan3 logical


Let me know if this is not what you are looking for.


Scott

d-g-c Wed, 11/26/2003 - 05:07
User Badges:

thanks, my mistake I was trying to use


interface ethernet0 vlan 3 logical




vmolinaro Wed, 11/26/2003 - 17:44
User Badges:

Good job Scott. I had the same problem understanding this figure and the VLAN config. Clears it up for me too.


Vito

Actions

This Discussion