So I need a ton of DMZ ports all of a sudden. I know that the PIX
supports VLAN's, and I also know that the PIX will not route out of the
same interface that the packet comes in on. So, if I create say 5 VLAN's
(non-routable on the switch) and trunk it to the firewall will I be able
to create rules to allow traffic to the different VLAN's?

Example, I have VLAN 10,11,12 on the switch with no IP addresses. I
create logical interfaces on the PIX as everyone's gateway. Rules
permitting, can I allow a computer in VLAN 10 to talk to a computer in
VLAN 11?

Thanks!

--
Wil
my 3¢

Okay, so some reading proved that this can be done... Now, since I need
more bandwidth of course, how about aggrigating PIX ports?

A two GigE trunk would be nice, never heard of one on a PIX though...

Wil
my 3¢

Wil wrote:

GE is only supported pn PIX525 and higher

"Wil" <wil@SPAM.THIS> wrote in message
news:QACGe.6394$p%3.32423@typhoon.sonic.net...

In article <oeuHe.63081$Fe7.202793@news000.worldonline.dk>,
Martin Bilgrav <bilgravCUTTHISOUT@image.dk> wrote:
:GE is only supported pn PIX525 and higher

Correct. Some people have reported that you can get a single GE to
work in a PIX 515/515E.
--
"[...] it's all part of one's right to be publicly stupid." -- Dave Smey

"Walter Roberson" <roberson@ibd.nrc-cnrc.gc.ca> wrote in message news:dclsc4
ok - didnot know this...
But still, considering the throughput performance on 515e, this can really
be an option, also considering it is unsupported from Cisco's side.

rgds
Martin