Does PIX 506e support VLANs or not? Very confused...
Hi all.
Below is a post that I recently made on tek-teps. Would appreciate any insight you may have on this.
I'm in the process of setting up a VLAN'd environment for a client, using a Cisco 2900 series switch and a PIX 506e. My question is this: does the 506e support 2 virtual interfaces or not? I keep seeing configs posted on various sites (two below for example) where it claims to only support 2 interfaces. This one suggests that the device DOES support the VLAN interfaces:
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 04-Aug-05 21:40 by morlee
pixfirewall up 18 secs
Hardware: PIX-506E, 64 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 000e.d7b9.7295, irq 10
1: ethernet1: address is 000e.d7b9.7296, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 2
Maximum Interfaces: 4
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
Serial Number: 808300420 (0x30296c80)
... and this one suggests it DOESN'T:
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Wed 13-Aug-03 13:55 by morlee
Pix up 7 mins 51 secs
Hardware: PIX-506E, 32 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 000f.9066.1a3f, irq 10
1: ethernet1: address is 000f.9066.1a40, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 2
Maximum Interfaces: 2
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
Serial Number: 808141507 (0x302b42c3)
Running Activation Key:
Configuration last modified by at 06:28:16.000 UTC Thu Feb 7 2036
They're both for sale on eBay. Since they both seem to be running the 6.3(5) software and 3.0(4) PDM, the only difference I can find is the RAM (the first has 64mb, the second only 32mb). Is it then the case that I need to upgrade the RAM on the device I buy in order to support the virtual interfaces?
Halp!!
Thanks in advance.
George
Below is a post that I recently made on tek-teps. Would appreciate any insight you may have on this.
I'm in the process of setting up a VLAN'd environment for a client, using a Cisco 2900 series switch and a PIX 506e. My question is this: does the 506e support 2 virtual interfaces or not? I keep seeing configs posted on various sites (two below for example) where it claims to only support 2 interfaces. This one suggests that the device DOES support the VLAN interfaces:
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 04-Aug-05 21:40 by morlee
pixfirewall up 18 secs
Hardware: PIX-506E, 64 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 000e.d7b9.7295, irq 10
1: ethernet1: address is 000e.d7b9.7296, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 2
Maximum Interfaces: 4
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
Serial Number: 808300420 (0x30296c80)
... and this one suggests it DOESN'T:
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Wed 13-Aug-03 13:55 by morlee
Pix up 7 mins 51 secs
Hardware: PIX-506E, 32 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 000f.9066.1a3f, irq 10
1: ethernet1: address is 000f.9066.1a40, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 2
Maximum Interfaces: 2
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
Serial Number: 808141507 (0x302b42c3)
Running Activation Key:
Configuration last modified by at 06:28:16.000 UTC Thu Feb 7 2036
They're both for sale on eBay. Since they both seem to be running the 6.3(5) software and 3.0(4) PDM, the only difference I can find is the RAM (the first has 64mb, the second only 32mb). Is it then the case that I need to upgrade the RAM on the device I buy in order to support the virtual interfaces?
Halp!!
Thanks in advance.
George
Starting from 6.3(4) 506e supports VLAN.
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a008059fccf.html#wp159177
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a008059fccf.html#wp159177
ASKER
Fair enough, I've read that already, but that still doesn't explain the descrepancy in the number of interfaces listed above. Can you explain that at all? Thanks.
ASKER
A better question would have been, does the amount of RAM have any bearing on the 506e's ability to support those extra logical interfaces?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check this link from cisco.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b13.html
It clearly states that it support 2 VLAN interfaces.