using other interface of PIX 515 as inside.

Unanswered Question
ggilbert Thu, 11/30/2006 - 07:13
User Badges:
  • Cisco Employee,

Hello Kashyap,


Yes, you can use other ethernet interfaces as an inside interface and change the security levels. That should not be an issue at all.


Rate this topic, if it helps.


Cheers

Gilbert

kashyapkamal Thu, 11/30/2006 - 23:49
User Badges:

Hello Gilbert,


I configured the new interface with same security level of 100 as inside interface.


Everything works fine except the VPN tunnels.

And after wards reverted back to pervious configuration and found the VPN tunnels working fine.


My point of concern is do VPN Ipsec tunnels get affected after changing the inside interface to other physical interface.


Thanks!


Kamal

ggilbert Fri, 12/01/2006 - 07:15
User Badges:
  • Cisco Employee,

Kamal,


Can you please let me know what changes were made on the PIX. And a snippet of the changes made would be helpful.


VPN traffic should not be affected.


1. After the change, did you see the tunnels on the PIX.


sh cry isa sa - would show that to you.


2. Did see packets decrypted on the PIX -

sh cry ipsec sa - would show you that.


3. What was your "nat" statement like, after the change?


Please let me know.

Actions

This Discussion