tssiva
asked on
How Configure Cisco PIX 506E with Virtual interface as DMZ
Is it possible to create a virtual DMZ interfaces with Pix 506E ? If so how about doing this, please provide a step by step procedure. What version of the Cisco PIX 506E will support the virtual interfaces that will extend the Pix 506E interfaces ?
Also to add to the above it tags the internal interface as the DMZ interface , so connect this port to a VLAN trunk port which accepts packets from both DMZ vlan and also the regular interface vlan as well.
ASKER
Well, i need to place my public DNS servers in the DMZ so how do you configure your DMZ with public address, same subnet as your outside interfaces ?
Example: ------209.15.25.1 ( router) --- 209.15.25.2 ( pix outside interface )
(pix inside interface ) ---- 10.11.0.1 > 10.11.0.255
( DMZ interface ) ---- i need place the public DNS servers ?
so can this be 209.15.25.3>209.15.25.10 ?
Please provide me step by steps since i am very new to Cisco IOS !
Thanx
Example: ------209.15.25.1 ( router) --- 209.15.25.2 ( pix outside interface )
(pix inside interface ) ---- 10.11.0.1 > 10.11.0.255
( DMZ interface ) ---- i need place the public DNS servers ?
so can this be 209.15.25.3>209.15.25.10 ?
Please provide me step by steps since i am very new to Cisco IOS !
Thanx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Regarding your question verion 6.3.3 and above supports VLAN on PIX 506 and 506E.
Please try the following:
nameif ethernet0 outside security0
nameif vlan1 dmz security50
ipaddress outside 192.168.101.1 255.255.255.0
ipaddress dmz 192.168.103.1 255.255.255.0
Also you could review the following link for more information:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113437
Cheers,
carribeantech