×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Pix Firewall Interface Configuration

Answered Question
Apr 5th, 2006
User Badges:

Hi


On a PIX 525 running ver 6.3 with a 4 port 10/100 card installed will it be possible to configure the interfaces as follows:


e0 - Inside interface

e1 - Firewall stateful failover

e2 - Firewall Failover monitoring link

e5 - Outside interface


I am basically unsure as to whether is is possible to move the outside interface from it's default configuration as e0 to e5 and similarly if it will be possible to specify e0 as the inside interface instead of the default confiuration of e1=inside.


One other quickie - I assume that with the additional 4 port 10/100 card installed my interfaces will be numbered e0-e5. Is that correct?


Thanks.



Correct Answer by m.sir about 11 years 4 months ago

Some Cisco documentation says that is not possible to change name and security level of inside interface but i have experience that is possible:


nameif ethernet1 failover security50

nameif ethernet5 outside security0

etc...

I wouldn't recommend doing it in a production environment since it would create a lot of confusion...

525 has two fixed interfaces e0 e1 - so expansion 4 port card should be numbered e2, e3 (from left to right)

M.

Hope that helps rate if it does

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
m.sir Wed, 04/05/2006 - 10:15
User Badges:
  • Gold, 750 points or more

Some Cisco documentation says that is not possible to change name and security level of inside interface but i have experience that is possible:


nameif ethernet1 failover security50

nameif ethernet5 outside security0

etc...

I wouldn't recommend doing it in a production environment since it would create a lot of confusion...

525 has two fixed interfaces e0 e1 - so expansion 4 port card should be numbered e2, e3 (from left to right)

M.

Hope that helps rate if it does

srowles Thu, 04/06/2006 - 04:50
User Badges:

Thanks for the reply.


I have now been able to test this and was able to configure the following using ver 6.3(3)


nameif ethernet0 inside security100

nameif ethernet1 stateful security10

nameif ethernet2 failover security20

nameif ethernet3 intf3 security6

nameif ethernet4 intf4 security8

nameif ethernet5 outside security0


Actions

This Discussion