Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > pix vlan trunking

Reply
Thread Tools

pix vlan trunking

 
 
Bill F
Guest
Posts: n/a
 
      05-03-2004
Does this feature allow the pix to route between up to 8 vlans? Was it
intended to be used a substitute for a router on a stick?

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      05-03-2004
In article <(E-Mail Removed)>,
Bill F <(E-Mail Removed)> wrote:
oes this feature allow the pix to route between up to 8 vlans?

The number of vlans depends upon the model, number of physical
interfaces present, and the license. 8 is the maximum number of VLANs
for the PIX 535 with the Restricted license, but the 520 supports
more with all licenses, and the 525 and 535 with Unrestricted
licenses support more.

: Was it
:intended to be used a substitute for a router on a stick?

No. Router on a stick would support icmp redirects; the PIX
does not. And when you are using VLANs on the PIX, you still cannot
send packets out the same VLAN that they came in on.
--
Those were borogoves and the momerathsoutgrabe completely mimsy.
 
Reply With Quote
 
 
 
 
mh
Guest
Posts: n/a
 
      05-03-2004
> Does this feature allow the pix to route between up to 8 vlans?

No

> Was it intended to be used a substitute for a router on a stick?


No
 
Reply With Quote
 
Peter
Guest
Posts: n/a
 
      05-03-2004
Hi Walter,

Walter Roberson wrote:
> No. Router on a stick would support icmp redirects; the PIX
> does not. And when you are using VLANs on the PIX, you still cannot
> send packets out the same VLAN that they came in on.


This made me wonder if the PIX can support routing BETWEEN VLANS on a
SINGLE physical interface, or does the " NO in and out on same
interface" rule, apply to Logical interfaces only where they exist?

Thanks...........pk.

--
*** Replace SOMEONE with prk ***

 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      05-04-2004
In article <6Vzlc.1638$(E-Mail Removed)>,
Peter <(E-Mail Removed)> wrote:
:This made me wonder if the PIX can support routing BETWEEN VLANS on a
:SINGLE physical interface, or does the " NO in and out on same
:interface" rule, apply to Logical interfaces only where they exist?

There is no problem going between different VLANs on the same physical
interface, as long as they have different security levels. When you
do not have VLANs on an interface, then a packet coming in would
be trying to go to the same security level interface outgoing
(because it's the identical interface), and traffic between identical
security levels is always dropped. But logical interfaces generally
have different security levels so traffic between them is generally
allowed even when they share a physical interface.
--
Look out, there are llamas!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Vlan trunking - 6509 /3524xl GJP Cisco 6 03-14-2005 06:10 AM
setup VLAN trunking between 2924 switch and 2611 router tjiang@computeredservices.com Cisco 5 01-02-2005 01:59 AM
Trunking VLAN to non cisco switch? Michael Letchworth Cisco 3 12-09-2004 09:21 PM
VLAN Trunking Cisco Cat 5500 switch (multiple vlans per port) help please BG Cisco 4 09-07-2004 01:39 AM
VLAN Trunking - can you filter which ports are in a given trunk? DaZZa Cisco 0 02-16-2004 12:42 AM



Advertisments