Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Setting up a dmz...

Hell-o,

We just replaced our aging pix515 with two pix515e with the failover bundle.

These new PIX devices only have an in and out and a single nic connected to eachother for stateful failover.

My question is this, is it possible for me to use the replaced Pix as a dmz firewall??

TIA,

Gary

  • Other Security Subjects
1 REPLY
Cisco Employee

Re: Setting up a dmz...

I don't see why not. You can just connect the outside interface of the old PIX onto the inside segment of the failover pair, and put your DMZ servers behind the old PIX. You'll have to set up static's and ACL's on both the failover pair and the old PIX to allow the traffic through, plus make sure you add static routes so that each PIX knows how to get everywhere, and you should be good to go.

87
Views
0
Helpful
1
Replies