Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 640
  • Last Modified:

How to configure vlans on my Cisco pix 515e

Hi Experts,

I have a cisco switch 3550 in which I will configure the vlans 10 and 20.
The VLAN 10 with ip 192.168.1.10
The VLAN 20 with ip 10.0.0.10

My PIX 515E
Will have NAT and PAT enable, I do not have a static ip address outside, I checked the configurations on how to create a vlan and I noticed that the inside E1 interface is not configure but instead they assign the VLANS as interface E1.10  AND interface E1.20 instead.
My question is:
Do I have to assign an ip address to the inside interface E1 when creating VLANS on that interface?
If I do not assign an ip address then how can I manage the PIX using SSH or telnet?

Please advise.
0
chenzovicc
Asked:
chenzovicc
  • 3
  • 2
2 Solutions
 
SuperTacoCommented:
Instead of assigning an I tothe interface, create a sub interface and define whati VLAN it belongs to

ocnfig t
int e1.1
encapsulation .1q
vlan 1000
ipaddress x.x.x.x
0
 
chenzoviccAuthor Commented:
So you mean that instead of assigning an ip address to the inside E1 interface I should create the 2 vlans on the E1?.
Do I have to assign a NAT for every vlan? so they can access the internet?
0
 
SuperTacoCommented:
Yes, and you should just have to assign a static route.  
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
chenzoviccAuthor Commented:
You mentioned that I should assign a static route but if my vlans are coming from a HIGHER LEVEL interface to a lower level(INTERNET) Do I still need to assign static routes?.

Thanks
0
 
fgasimzadeCommented:
Your subinterfaces (vlans) are like physical interfaces, so you would need NAT for both of them.

A static route pointing to the internet is usually looks like this:

route outside 0.0.0.0 0.0.0.0 ip_default_gateway
0
 
chenzoviccAuthor Commented:
Thanks
0

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now