Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

pixos 6.3 nameif change

hi, I have pix fw in live net, and I need switchover from physical fastethernet interfaces to vlans on gb-ethernet without change remaining configuration ( read: change nameif commands only). What is best way to do it ? ( I thing about default nameif interfaces and dependencies in configuration, which is 'automatically changed' when nameif command changes).

2 REPLIES
Silver

Re: pixos 6.3 nameif change

nameif {hardware_id | vlan_id} if_name security_level is the format for nameif command,where The hardware name for the network interface that specifies the interface's slot location on the PIX Firewall motherboard.For more info refer the URL

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727ab.html#wp1026054

Re: pixos 6.3 nameif change

There's not an easy way and it's going to cause some downtime on that interface.

First backup you entire config.

Then create a text file containing config relating to this interface - do "show run | inc [interface name]" to get that.

Then get the VLANs/trunking sorted. Use a dummy VLAN for native - do not try to use native VLAN for any data!

Set the nameif etc, then paste that part of the config back in if you need to.

v6 goes:

interface ethernet2 vlan1 physical NATIVE VLAN

interface ethernet2 vlan12 logical

interface ethernet2 vlan20 logical

interface ethernet2 vlan30 logical

interface ethernet2 vlan40 logical

nameif vlan12 dmz12 security22

nameif vlan20 dmz20 security14

nameif vlan30 dmz30 security16

nameif vlan40 dmz40 security18

It's easier in v7, it uses sub-interfaces.

140
Views
5
Helpful
2
Replies
CreatePlease login to create content