Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How Configure Cisco PIX 506E with Virtual interface as DMZ

Posted on 2006-06-06
4
Medium Priority
?
5,759 Views
Last Modified: 2013-11-16
Is it possible to create a virtual DMZ interfaces with Pix 506E ? If so how about doing this, please provide a step by step procedure. What version of the Cisco PIX 506E will support the virtual interfaces that will extend the Pix 506E interfaces ?
0
Comment
Question by:tssiva
  • 2
4 Comments
 
LVL 9

Expert Comment

by:carribeantech
ID: 16843625
Hi,

Regarding your question verion 6.3.3 and above supports VLAN on PIX 506 and 506E.

Please try the following:

nameif ethernet0 outside security0

nameif vlan1 dmz security50

ipaddress outside 192.168.101.1 255.255.255.0

ipaddress dmz 192.168.103.1 255.255.255.0

Also you could review the following link for more information:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113437

Cheers,

carribeantech
0
 
LVL 11

Expert Comment

by:prueconsulting
ID: 16844879
Also to add to the above it tags the internal interface as the DMZ interface , so connect this port to a VLAN trunk port which accepts packets from both DMZ vlan and also the regular interface vlan as well.
0
 

Author Comment

by:tssiva
ID: 16844979
Well, i need to place my public DNS servers in the DMZ so how do you configure your DMZ with public address, same subnet as your outside interfaces ?

Example: ------209.15.25.1 ( router) --- 209.15.25.2 ( pix  outside interface )
                                                                            (pix inside interface ) ---- 10.11.0.1 > 10.11.0.255
                                                                            ( DMZ interface ) ---- i need place the public DNS servers ?
                                                                                                           so can this be 209.15.25.3>209.15.25.10 ?

Please provide me step by steps since i am very new to Cisco IOS !

Thanx

 
0
 
LVL 9

Accepted Solution

by:
carribeantech earned 1500 total points
ID: 16848006
Please try the following:

pixfirewall> enable
pass:
pixfirewall# config terminal
pixfirewall(config)# nameif vlan1 dmz security50
pixfirewall(config)# ip address outside 209.15.25.2 255.255.255.0
pixfirewall(config)# ip address dmz 209.15.25.3 255.255.255.0
pixfirewall(config)# write mem


Hope this helps!
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month20 days, 17 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question