Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

virtual interface

Hi Gurus,

I have Cisco pix 515E (HA) firewall on production setup. Initially setup was done for less number of private hosts, so setup is like:

Inside Interface IP is 10.10.8.0/255.255.255.0 .. Here I can use only 255 hosts

My question is Can I add one more private IP block on pix as virtual interface. What is the complete procedure to solve this issue or any other good suggestion without disturbing production pix configuration (as ACL also defined with 255.255.255.0).

3 REPLIES
Gold

Re: virtual interface

it's not feasible to configure a secondary ip on pix interface, and virtual interface works with vlan only.

may be you can resolve the issue by modifying the subnet mask.

e.g.

10.10.8.0 255.255.255.0 --> host 10.10.8.1 - 10.10.8.254

10.10.8.0 255.255.254.0 --> host 10.10.8.1 - 10.10.9.254

10.10.8.0 255.255.252.0 --> host 10.10.8.1 - 10.10.11.254

then, you can modify the dhcp scope on the dhcp server for the pc.

Community Member

Re: virtual interface

can u also tell me how do i create a vlan ?

Thanks

Arvind

Gold

Re: virtual interface

it's very straight forward on the pix.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1075586

most of the vlan config will be done on the router or switch in the lan.

146
Views
0
Helpful
3
Replies
CreatePlease to create content