Re: [fw-wiz] Pix 535 - Filtering to VLANs?

FirewallWizards

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [fw-wiz] Pix 535 - Filtering to VLANs?

from [Jason Gervia]

[Permanent Link][Original]

To:	"Firewall Wizards Security Mailing List" <firewall-wizards@listserv.icsalabs.com>
Subject:	Re: [fw-wiz] Pix 535 - Filtering to VLANs?
From:	"Jason Gervia" <level7online@gmail.com>
Date:	Wed, 4 Apr 2007 22:08:16 -0400
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	fwwizards-list2@consult.net
Delivered-to:	firewall-wizards@listserv.icsalabs.com
In-reply-to:	<4613A605.3090507@sunderland.ac.uk>
List-archive:	<https://listserv.icsalabs.com/pipermail/firewall-wizards>
List-help:	<mailto:firewall-wizards-request@listserv.icsalabs.com?subject=help>
List-id:	Firewall Wizards Security Mailing List <firewall-wizards.listserv.icsalabs.com>
List-post:	<mailto:firewall-wizards@listserv.icsalabs.com>
List-subscribe:	<https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=subscribe>
List-unsubscribe:	<https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=unsubscribe>
References:	<4613A605.3090507@sunderland.ac.uk>
Reply-to:	Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Sender:	firewall-wizards-bounces@listserv.icsalabs.com

Quick answer -

You can do this if you are trunking to your inside pix interface. It will route out the correct interface and tag the packet with the appropriate vlan.

Cisco refers to these as 'logical' interfaces in 6.3 and sub-interfaces in 7.x

Pix 6.3:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1116060

Pix 7.x

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080636f42.html#wp1044006

On 4/4/07, James Burns <james.burns@sunderland.ac.uk> wrote:

Just a quick query...

I'm using a pair of Pix 535's in a failover set. Is it possible to match
traffic entering the outside interface, and subsequently put it into a
VLAN on exiting the inside interface?

Thanks in advance,
James

--
James Burns

Network Advisor – Student & Learning Support
University of Sunderland

web: www.sunderland.ac.uk

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[fw-wiz] Pix 535 - Filtering to VLANs?, James Burns Re: [fw-wiz] Pix 535 - Filtering to VLANs?, Jason Gervia <= Re: [fw-wiz] Pix 535 - Filtering to VLANs?, stursa Re: [fw-wiz] Pix 535 - Filtering to VLANs?, James Burns

Previous by Date:	[fw-wiz] Fw: Update on 1720/1863 (was: Re: OT? New compromise.), Jim Seymour
Next by Date:	Re: [fw-wiz] TCP syncookies - firewall or host?, rgolodner
Previous by Thread:	[fw-wiz] Pix 535 - Filtering to VLANs?, James Burns
Next by Thread:	Re: [fw-wiz] Pix 535 - Filtering to VLANs?, stursa
Indexes:	[Date] [Thread] [Top] [All Lists]