I am trying to configure a PIX 515E unit with multiple VLANs (one VLAN for each client's traffic). I have 2 /29 networks from my ISP and I want to use one IP for each client for their outgoing and incoming traffic, so each client's traffic will be NATted to a public IP for outgoing and incoming traffic.
I would like to know how I can configure these IPs (2 different /29 network ranges) on the PIX unit, as it doesn't accept secondary IPs as a router does.
To configure VLANs, can I just use eth 0/1 for the inside network and configure it into subinterfaces?
Any advice on this is much appreciated, and any links for the configuration would also be helpful.
I am using other brand routers now and having a terrible outage, which seems hard for the vendor to pinpoint as well. So I am planning to upgrade to the PIX unit.
In this case you can use your firewall with multiple contexts,
so that each interface can be in a different context, or each subinterface can be in a different context. Thus you will have two separate virtual firewalls, each one with its own config like IPs, NATing, access policies and so on.
But with multiple context mode you can't do VPN!!
Also, you can use a shared outside interface or separate physical interfaces or subinterfaces for each context.
So that means only VLAN 400 will be passed through the trunk link as untagged, which is by default VLAN 1.
So if you use VLAN 1, and make sure the trunk encapsulation on the switch side is dot1q.
If you want to reach VLAN one, make the native
Also, for communication between VLANs there are two ways.
Now, based on your config, the communication between VLANs must be through the firewall.
So on the switch don't create an SVI, I mean a VLAN interface, but just create VLANs corresponding to those on the firewall subinterfaces,
and make each PC's default gateway the firewall IP in the corresponding VLAN number.
As long as you have interfaces that have the same security level, you need to put the command permit intra-same-security something (not sure about the syntax) to allow communication between interfaces that have the same sec level.
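The single-context subinterface layout discussed in the replies above, as an added example that is not part of the original thread. It assumes PIX OS 7.x syntax; the interface names, VLAN IDs and all addresses are constructed (documentation ranges), and it assumes the ISP routes the second /29 to the firewall's outside address, so no secondary IP is needed.

```cisco
! Constructed addressing:
!   203.0.113.0/29  = first ISP block (outside interface lives here)
!   198.51.100.0/29 = second ISP block, assumed routed by the ISP to 203.0.113.2
interface Ethernet0
 nameif outside
 security-level 0
 ip address 203.0.113.2 255.255.255.248
!
! The physical inside port only carries tagged VLANs: no name, level or address
interface Ethernet1
 no nameif
 no security-level
 no ip address
 no shutdown
!
! One dot1q subinterface per client; this address is the client's default gateway
interface Ethernet1.10
 vlan 10
 nameif client-a
 security-level 50
 ip address 10.10.10.1 255.255.255.0
!
interface Ethernet1.20
 vlan 20
 nameif client-b
 security-level 50
 ip address 10.10.20.1 255.255.255.0
!
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
!
! Outbound: each client subnet is translated to its own public address
nat (client-a) 1 10.10.10.0 255.255.255.0
global (outside) 1 203.0.113.3
nat (client-b) 2 10.10.20.0 255.255.255.0
global (outside) 2 198.51.100.1
!
! Inbound: publish only the ports a client needs, then permit them explicitly
static (client-a,outside) tcp 203.0.113.3 443 10.10.10.10 443 netmask 255.255.255.255
access-list outside_in extended permit tcp any host 203.0.113.3 eq 443
access-group outside_in in interface outside
!
! Interfaces at the same security level cannot talk to each other by default,
! which keeps the clients isolated. Enable the next line only if they must:
! same-security-traffic permit inter-interface
```

On the switch side this pairs with a dot1q trunk carrying VLANs 10 and 20 and no VLAN interface (SVI) for them, so all inter-VLAN traffic has to cross the firewall.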