cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
339
Views
0
Helpful
1
Replies

VLANS on PIX

paulsa3598
Level 1
Level 1

Is there a way around this? I have to basically assign an IP/subnet just for failover for each interface I want to use as vlans.

I have 2 pix 515E fw v6.3(4) in lan based failover mode.

5 physical interfaces.

state (failover)

indside

outside

dmz

dmz2

I have 4 vlans, 2 each configured on the dmz ints.

Do you need to use the physical command on the interface given this topology? If not why do I keep receiving messages that my ip address is not configured or failover ip is not configured. This occurs when I do not assign an IP to the phiysical port but do I assign it to the logical and failover is enabled. also I do ot believe these interfaces will be in failover mode unless I use the physical command when using vlans. It seems like I have to us the physical and assign an IP for each physical int.

1 Reply 1

Not applicable

The maximum number of interfaces on the PIX with is 10, being them a combination up to a total of 6 physical interfaces and 4 VLANs or any combination adding up to 10.

In versions 6.3(4) and 6.3(5) (only 2 version on the 6.x train that support VLANs) the maximum VLAN interfaces are 8.

Try this link

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/bafwcfg.htm#wp1113411

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: