Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1186
Views
0
Helpful
1
Replies

Vlan with PIX

zeremy
Level 1
Level 1

‎02-05-2002 07:54 PM - edited ‎02-20-2020 09:58 PM

Correct me if I'm wrong,

PIX doesn't support VLAN right?

Even the simplest setup?

Consider the following scenario:

A 12Port Catalyst Switch split into 2 Vlans,

VLAN1 is for dmz1 network which connects directly to dmz1 interface on the PIX,

VLAN2 is for dmz2 network which connects directly to dmz2 interface on the PIX.

Can it work with a Failover PIX 515 bundle?

or do I have to get another physical switch for this setup?

Thanks for any help,

Regards,

Zeremy

0 Helpful
1 Reply 1

rrbleeker
Level 1
Level 1

‎02-07-2002 08:10 AM

Yes, you're right. The PIX does not support VLANs.

Your setup will work. You only have to understand traffic flow between both VLANs. Your setup will also work with a 515 bundle.

The only question mark I would place is the use of one switch for 2 seperate networks. Although you defined two VLANs, you put your trust into a layer 2 security. VLANs have never been built with security in mind and should be used carefully. I recommend to use two seperate switches, one for each DMZ network.

Let me know if you would like some more information regarding your configuration.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card