Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > PIX same Vlan configuration on both interfaces

Reply
Thread Tools

PIX same Vlan configuration on both interfaces

 
 
Padhu
Guest
Posts: n/a
 
      10-27-2006
I have a PIX 506E. I need to setup a network with this PIX as below.

vlan1 vlan2
| |
-------------
|
outside interface of PIX
|| PIX ||
inside interface of PIX
|
-------------- (switch)
| |
vlan1 vlan2

vlan1 (default vlan) is the physical interface and vlan 2 is the
logical interface on the outside interface
How do i route the packets that enter the logical interface of vlan 2
to the vlan 2 on the inside network? I am unable to create the same
vlan 2 on the inside interface as the pix says its already available on
onother interface.

My default vlan works fine. I am able to ping the outside logical
interface of the PIX from vlan 2. How do i configure vlan 2 on the
inside interface of the PIX?

Please do let me know your ideas on this.

Regards
Pad

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      10-27-2006
In article <(E-Mail Removed) om>,
Padhu <(E-Mail Removed)> wrote:
>I have a PIX 506E. I need to setup a network with this PIX as below.


>vlan1 vlan2
> | |
> -------------
> |
>outside interface of PIX
> || PIX ||
>inside interface of PIX
> |
> -------------- (switch)
> | |
>vlan1 vlan2


>vlan1 (default vlan) is the physical interface and vlan 2 is the
>logical interface on the outside interface
>How do i route the packets that enter the logical interface of vlan 2
>to the vlan 2 on the inside network?


You can't do per-vlan routing in the PIX 506E. There is only one
routing table in PIX 6: if packets in VLAN1 have a destination IP
in VLAN2's range, then they will be routed there if the ACLs and
xlates permit that.

>I am unable to create the same
>vlan 2 on the inside interface as the pix says its already available on
>onother interface.


You can't do it on the 506E. Use different VLAN numbers.

In order to do per-vlan routing, you would need the Virtual Router
Facility that is available in PIX 7 (which is not supported
on the 506E.) The number of VRF contexts supported depends on the
model and the license.

I don't know if PIX 7 permits the same VLAN number for two different
interfaces in the same VRF context. Somehow I suspect it doesn't.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PIX 515 - can Use VPN300 Client and PIX-to-PIX VPN at the same time? Stephen M Cisco 1 11-14-2006 02:03 PM
NAT on both interfaces. PIX AM Cisco 0 07-06-2005 03:50 PM
Drastic difference in bit rates for the same transfer on different interfaces - PIX 515e wongadon@gmail.com Cisco 2 01-27-2005 02:32 PM
pix vlan interfaces and routing Bill F Cisco 1 09-17-2004 06:15 AM
native vlan mismatch on 2 2924 switches w/ only 1 vlan defined (same on both switches) avraham shir-el Cisco 4 07-20-2004 08:08 AM



Advertisments