Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Additional DMZs

Hello,

We are using a PIX 525 on version 6.3 and we need to add additional DMZs. The PIX currently has 3 physical interfaces, 1 inside, 1 outside, and 1 DMZ. I know that we can add additional physical interfaces but we would then lose our gigabit capabilities, this is something that we can not do.

Another option is to add logical interfaces and assign them to vlans to separate the traffic. Is this the best way of doing this securely? Am I even looking at this correctly? If I went this route do I need to completely wipe out my current DMZ and reassign it to one of the newly created logical interfaces? Any additional assistance is welcomed.

Thanks

2 REPLIES
Community Member

Re: Additional DMZs

You are on the right track. You wouldn't need to wipe out the current DMZ, but move the ACL and IP address to the new interface. Ofcourse on teh switch side this would need to match.

Community Member

Re: Additional DMZs

Thanks for the input

98
Views
0
Helpful
2
Replies
CreatePlease to create content