Re: Maximum VLAN interfaces PIX515-UR

Discussion in 'Cisco' started by Patrick, Jul 25, 2003.

  1. Patrick

    Patrick Guest

    -cnrc.gc.ca (Walter Roberson) wrote in message news:<bfpjaf$okj$>...
    > In article <>,
    > Patrick <> wrote:
    > :At this moment I'm creating a configuration for a PIX515-UR.
    >
    > :I never have created VLAN's on a PIX before and there is little
    > :information on it. Sure, there is more then enough about how to create
    > :VLAN's, but not how the number of interfaces are counted.
    >
    > :I have six physical interfaces en I know I can a maximum of ten
    > :logical interfaces. But does the physical VLAN count as an interface?
    >
    > The 515-UR does not support 10 logical interfaces: it supports
    > 8 logical interfaces at maximum, and a *total* of 10 interfaces at most.
    > The number of logical interfaces you can have is 10 minus the number
    > of phyiscal interfaces. With 6 physical interfaces, that would leave
    > you only 4 logical interfaces.
    >
    > This behaviour is not at all clear in the command reference,
    > but it is documented in the Configuration Guide.
    >
    > My comparison chart lists the number of logical and total interfaces
    > supported for each 5xx series model, using information derived
    > from the Configuration Guide; the chart is at
    >
    > http://www.ibd.nrc.ca/~roberson/cisco-pix-models.txt



    Walter,

    Thank you for your response.

    So, would it be possible to move one of the logical VLAN's to the
    physical level? The config would then look like this:

    nameif ethernet0 NS-LAN-WAN security0
    nameif ethernet1 MERCURIUS security5
    nameif ethernet2 Stateful-failover security99
    nameif ethernet3 VBS-PRD security95
    nameif ethernet4 VBS-ACC security75
    nameif ethernet5 DMZ-PRD security55

    interface ethernet3 vlan95 physical
    interface ethernet3 vlan90 logical
    interface ethernet4 vlan75 physical
    interface ethernet4 vlan70 logical
    interface ethernet5 vlan55 physical
    interface ethernet5 vlan50 logical

    nameif vlan90 VAS-PRD security90
    nameif vlan70 VAS-ACC security70
    nameif vlan50 DMZ-ACC security50

    ip address NS-LAN-WAN 172.16.0.6 255.255.0.0
    ip address MERCURIUS 10.255.3.2 255.255.255.0
    ip address Stateful-failover 10.255.0.1 255.255.255.252
    ip address VBS-PRD 10.255.2.65 255.255.255.192
    ip address VBS-ACC 10.255.2.1 255.255.255.192
    ip address DMZ-PRD 10.255.8.1 255.255.254.0
    ip address VAS-PRD 10.255.6.1 255.255.254.0
    ip address VAS-ACC 10.255.16.1 255.255.254.0
    ip address DMZ-ACC 10.255.18.1 255.255.254.0


    And the of course a trunk to the switch.

    TIA

    Patrick
     
    Patrick, Jul 25, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ejikn
    Replies:
    2
    Views:
    816
    Walter Roberson
    May 4, 2004
  2. Bill F
    Replies:
    0
    Views:
    599
    Bill F
    Sep 17, 2004
  3. Bill F
    Replies:
    1
    Views:
    1,791
    Walter Roberson
    Sep 17, 2004
  4. rossco
    Replies:
    2
    Views:
    887
    rossco
    Nov 24, 2005
  5. nbdHtsd

    PIX515 interfaces

    nbdHtsd, Jan 15, 2009, in forum: Cisco
    Replies:
    0
    Views:
    406
    nbdHtsd
    Jan 15, 2009
Loading...

Share This Page