Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
0
Helpful
2
Replies

Shared Firewall config

pcattell
Level 1
Level 1

‎03-15-2002 12:50 AM - edited ‎03-08-2019 10:04 PM

Requirement: Multiple small vlans behind a single shared firewall.

Current proposed setup: Pix or Nokia FW-1 firewall connected on the outside interface to Internet Backbone providers, inside Lan interface connected to 2948 switch to provide multiple vlan's to groups of web servers. It is esential that the hosts on the vlan's are not able to see any other host on another vlan. The firewall is running NAT.

Problem: It is not possible to setup truncking between the 2948 and firewall (required to enable the correct use of vlan's.

Possible solution(?): A 2621 router is placed between the firewall and switch to enable the switch to use truncking. Problems with NAT and ARP between the firewall and vlan hosts.

Is there anyone who has managed a similar setup?

Labels:
0 Helpful
2 Replies 2

g.rodegari
Level 1
Level 1

‎03-15-2002 03:29 AM

Pix only support Ethernet II (DIX) encapsulation.

No trunking protocol are supported.

Graz.

0 Helpful

s-ariga
Level 1
Level 1

‎03-19-2002 12:12 AM

HI

You can use a pix firewall(525 or 535) with more than 2 interfaces .The number of ethernet interfaces should be equal to the number of vlans (theres a limit though to the number of ethernet cards a pix 515,525,535 can support)and and routes ,nats ,static and global commands in the firewall.

Hope the above thing makes some sense??

0 Helpful
Customers Also Viewed These Support Documents