05-03-2006 07:06 AM - edited 03-09-2019 02:47 PM
Hi,
i need to switch the configuration of a physical network interface to a virtual subinterface and one the same physical, can someone tell me how to keep the same nameif and the same ip address. See what i want to do :
CURRENT CONF :
HW_ID NAMEIF IP
Ethernet1 DMZ 192.168.0.1
WHAT I WANT :
HW_ID nameif IP
Ethernet1 Physical_DMZ No ip address
+ SUB_ID nameif IP
ethernet1.2 DMZ 192.168.0.1
I just want to move a physical to virtual to let me create other one virtual interfaces after.
Regards Thanks and sorry for my poor english
05-05-2006 12:32 AM
Nobody to help me ??
If you need more information !!
05-05-2006 01:13 AM
sub-interfaces means VLANs, so the switch connected to the DMZ interface would need to be re-configured as an 802.1q trunk, trunking the VLANs you then assign to the sub-interfaces.
To convert, remove the IP from the physical interface and create the sub-interface. Note the VLAN command.
interface gigabitethernet0/1
no ip address 10.1.1.1 255.255.255.0
interface gigabitethernet0/1.1
vlan 101
nameif dmz1
security-level 50
ip address 10.1.1.1 255.255.255.0
no shutdown
05-05-2006 01:25 AM
thank you for your help but do i need to do that only with CLI ??
i'd like to know if hosts, networks and all my rules will be automatically applied on the new sub-interface which will have the nameif and the same IP.
05-05-2006 02:06 AM
Sorry, I only ever use CLI.
05-05-2006 02:47 AM
I would expect hosts and object-groups to be retained but you will probably need to reapply ACL, NAT and static routes.
05-06-2006 07:35 AM
thank you for your reply,
but is there any relation between hosts and groups with the interface they belong, when i read the configuration i don't see any ASDM location or PDM as before so when i create a host by CLI, how do the PIX affect this one to an interface ?
05-06-2006 10:03 AM
ASDM and PDM location are calculated and added to the config automatically when you start ADSM/PDM. You can remove them from the config, and it will just recreate them next time.
Hosts and object-groups in CLI are not tied to any interface but I think also ASDM/PDM calculates the interface from looking at the routing table.
So no worries.
05-06-2006 05:25 PM
ok Grant thanks for your help !!
I think i will do it on next saturday is it possible to exchange by email what i have to do for all my modification ??
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide