Re: [fw-wiz] Pix 535 - Filtering to VLANs?



Thanks for your quick answer.

Having re-read my original question, I realise that I've not been clear enough. As a follow-up/clarification, how about this then...

We currently have a big, flat network (plans to change that this summer, but not changing for a few months yet) and as a result we have a few VLANS (about 20 or so), but they all exist within the same IP range/subnet.

With that in mind is it still possible? Ideally, what we want to be able to do is examine the incoming traffic, and pass certain types (e.g. Multicast IP ranges, maybe some others) to specific VLANs. Equipment is Pix535 with 2x Gig (inside & outside) and 2x FE (failover and stateful failover).

Thanks again,
James


stursa@xxxxxxxxxxxxx wrote:
James Burns said:
Just a quick query...

I'm using a pair of Pix 535's in a failover set. Is it possible to match
traffic entering the outside interface, and subsequently put it into a
VLAN on exiting the inside interface?

A couple of years ago I set up a 525G (2 gig ports and two FE) with
filtering on the outside gigabit interface and five VLANs mapped to the
inside gigabit interface. Worked fine.

It was not a failover config, however. Not sure how that would change a
VLAN implementation.

- SS

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards