Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PIX vlan

Is PIX able to do intervlan routing/subinterface?

i have a small setup..in order to save cost i would like to eliminate the use of a router and have a PIX instead

Internet

|

PIX

|

Layer2 Switch(with 3 vlans)

My objective is to do restrictions such as below

............VPN....InternetAccess....Server

vlan 2.....No........Yes...................Yes

vlan 3.....Yes........No...................Yes

how am i able to achieve this setup? Does a router ACL allow me to do that? or do i need a firewall

1 REPLY

Re: PIX vlan

Yes .. you can configure what is called logical interfaces .. basically vlan interfaces which use the physical for InVlan routing .. the only think you need to make sure is configuring the switch port for that physical interface as a trunk allowing the vlans you want ..

this is a brief example ...

interface ethernet3 100full <- physical interface

interface ethernet3 vlan10 logical

interface ethernet3 vlan125 logical

NOTE: the physical interface does not have an Ip address. The logical interfaces can be configured as any physical one.

I hope it helps .. please rate it if it does !!!

115
Views
0
Helpful
1
Replies
CreatePlease to create content