We help IT Professionals succeed at work.

Pix 501 Subinterface

stamperb
stamperb asked
on
1,533 Views
Last Modified: 2013-11-16
I'm trying to setup a subinterface on my pix 501 inside interface and am  having some issues.  Per cisco's guide from the config prompt i would just type interface ethernet1 and this should put me into the config-if mode.  However, it doesn't do anything doesn't give me an error or anything just comes back to the config prompt.  Any ideas?
Ver. 6.2
interface0 (outside)
interface1 (inside)

This is about all the information i can think to give?
Comment
Watch Question

This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
How about the New ASA's?  What is the lowest model that supports the sub-interface there?

Basically all I want to create the sub-interface for is to route between 2 subnets that are on the same physical lan.  No vlans present.

Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
PIX nor ASA supports secondary address on any interface.
The common method of having two subnets on one LAN is to use VLAN's, else multiple hosts each have multiple IP's.
Almost ANY IOS based router will do it, but PIX/ASA do not run IOS
Got an old 1600 laying around? 2500? Anything?

Author

Commented:
Currently the network is setup with 2 networks.  One network currently points to the Pix 501 for its DFGW and the other none of the machines have a default gateway set.  I was hoping I wouldn't have to change anything on the network that currently has its default gateway set to the pix and jsut add default gw's to the other to point to the new subinterface on the pix.  I really didn't want to add another router and route from the pix to that and back.  Hmm, any recomendations for a ... don't want to use the word cheap but cost effective solution to get 1 device to replace the pix and get my desired result.  Don't want to complexify the environment any more than i have to.  I'd like to stick with cisco but am open to other alternatives.
Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
I'm not fond of using a router as a firewall and PIX is one of the best for the money, besides the new ASA5505.
It would be so simple to just get a 2600 router off ebay and use it as a router-on-a-stick:

pix:
 route inside 10.10.10.0 255.255.255.0 192.168.2.254 <== points to router

router:
 interface Ethernet 0/0
  ip add 192.168.2.254 255.255.255.0
  ip add 10.10.10.254 255.255.255.0 secondary
  no shut
 ip route 0.0.0.0 0.0.0.0 192.168.2.1  <== point to PIX

Simply done.
 

Author

Commented:
Got ya.  Does complexify the network but it'd definatly work.  Thanks all for your help
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.