Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
241
Views
0
Helpful
1
Replies

Can trunking VLAN exist in Regular cable base Failover Pix515 ver 6.3.5 ?

snguyen
Level 1
Level 1

‎07-24-2006 10:41 PM - edited ‎03-09-2019 03:41 PM

I have two identical Pix515 each with 2 Ethernet (E0 and E1) unrestricted licenses.

E1 interface is configured as follow:

PIX Version 6.3(5)

interface ethernet0 100full

interface ethernet1 100full

interface ethernet1 vlan2 physical

interface ethernet1 vlan3 logical

interface ethernet1 vlan4 logical

interface ethernet1 vlan5 logical

interface ethernet1 vlan6 logical

interface ethernet1 vlan7 logical

interface ethernet1 vlan8 logical

interface ethernet1 vlan9 logical

interface ethernet1 vlan10 logical

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif vlan3 intf3 security35

nameif vlan4 intf4 security45

nameif vlan5 intf5 security55

nameif vlan6 intf6 security65

nameif vlan7 intf7 security75

nameif vlan8 intf8 security85

nameif vlan9 intf9 security95

nameif vlan10 intf10 security98

I have to use VLAN trunking to pass the traffic for logical interface above, according to the doc below, the trunking must turn off. So how can I configure Regular cable base failover with VLAN?? Thanks for all helps.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/failover.htm#wp1025358

Configuring Switches to Support Failover

Perform the following steps on any Cisco switch ports that connect directly to the PIX Firewall:

--------------------------------------------------------------------------------

Step 1 Enable PortFast.

Step 2 Turn off trunking.

Step 3 Turn off channeling

Labels:
0 Helpful
1 Reply 1

cpembleton
Level 4
Level 4

‎07-25-2006 04:34 AM

You can't. There needs to be a dedicated ethernet for network based FO. If you distance is not an issue you could use the serial cable. Or you could purchase additionl ethernet ports.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents