06-06-2008 03:17 AM - edited 03-09-2019 08:51 PM
Hi all,
I need to build up a DMZ with a PIX506. My idea is to make a trunk between PIX and switch, assign a VLAN for the DMZ.
Mi question is, can PIX506 handle firewall-rules between the VLAN's (internal <-> dmz)?
Thank's,
Norbert
Solved! Go to Solution.
06-06-2008 03:50 AM
Norbert
Not sure what you are asking here. The 506E supports up to 2 vlans on an interface so you can do what you want. Each vlan interface is treated as a physically separate interface in terms of security levels/access-lists etc.
So if you have an inside and a DMZ on the same interface you can apply separate access-lists to each interface.
Does this answer your question ?
Jon
06-06-2008 03:50 AM
Norbert
Not sure what you are asking here. The 506E supports up to 2 vlans on an interface so you can do what you want. Each vlan interface is treated as a physically separate interface in terms of security levels/access-lists etc.
So if you have an inside and a DMZ on the same interface you can apply separate access-lists to each interface.
Does this answer your question ?
Jon
06-06-2008 04:58 AM
Jon
Thank's for the answer.
Yes I want to control the traffic between DMZ (VLAN-xx)<-> inside (VLAN-yy) over the PIX.
Greets,
Norbert
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide