Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
400
Views
0
Helpful
3
Replies

virtual interface

arvindsa
Level 1
Level 1

‎01-06-2006 05:06 AM - edited ‎03-09-2019 01:32 PM

Hi Gurus,

I have Cisco pix 515E (HA) firewall on production setup. Initially setup was done for less number of private hosts, so setup is like:

Inside Interface IP is 10.10.8.0/255.255.255.0 .. Here I can use only 255 hosts

My question is Can I add one more private IP block on pix as virtual interface. What is the complete procedure to solve this issue or any other good suggestion without disturbing production pix configuration (as ACL also defined with 255.255.255.0).

Labels:
0 Helpful
3 Replies 3

jackko
Level 7
Level 7

‎01-06-2006 06:05 AM

it's not feasible to configure a secondary ip on pix interface, and virtual interface works with vlan only.

may be you can resolve the issue by modifying the subnet mask.

e.g.

10.10.8.0 255.255.255.0 --> host 10.10.8.1 - 10.10.8.254

10.10.8.0 255.255.254.0 --> host 10.10.8.1 - 10.10.9.254

10.10.8.0 255.255.252.0 --> host 10.10.8.1 - 10.10.11.254

then, you can modify the dhcp scope on the dhcp server for the pc.

0 Helpful

arvindsa
Level 1
Level 1
In response to jackko

‎01-06-2006 06:34 AM

can u also tell me how do i create a vlan ?

Thanks

Arvind

0 Helpful

jackko
Level 7
Level 7
In response to arvindsa

‎01-06-2006 07:27 AM

it's very straight forward on the pix.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1075586

most of the vlan config will be done on the router or switch in the lan.

0 Helpful
Customers Also Viewed These Support Documents