[c-nsp] Renaming interfaces on a PIX 525

Mathias Spoerr mathias.spoerr at at.ibm.com
Thu Jul 24 05:53:00 EDT 2008


you cannot configure the same IP address on two interfaces, except one is 
shutdown. I would suggest the following procedure:
* use a new name for the new outside interface, shut it down, and 
configure IP, name, sec level...
* do a "show run | i outside" to see where the name of the outside 
interface is used (static, route...)
* delete the config for the old outside interface and reconfigure the 
static, route, global... commands to the new interface name
* if you want to have "outside" as name for the new interface, then rename 
it

Mathias






From:
"Steven Pfister" <SPfister at dps.k12.oh.us>
To:
Mathias Spoerr/Austria/IBM at IBMAT, "Jeff Kell" <jeff-kell at utc.edu>
Cc:
<cisco-nsp at puck.nether.net>
Date:
23.07.2008 23:01
Subject:
Re: [c-nsp] Renaming interfaces on a PIX 525



I think I'm probably going to do this from the command line. Would I be 
able to have two interfaces marked as outside? Do something like:

int gig1
  nameif outside
  security-level 0
int eth0
  nameif old.outside
  security-level 6
  no ip address
int gig1
  ip address <address from eth0> standby <standby address from eth0>

(after backing up the config, of course...)

Thanks!

Steve Pfister
Technical Coordinator, 
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St. 
Dayton, OH 45402
 
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister at dps.k12.oh.us


>>> Jeff Kell <jeff-kell at utc.edu> 7/23/2008 4:50 PM >>>
Mathias Spoerr wrote:
> Hello Steve,
>
> when I remember correctly -> when you rename the interface, then also 
the 
> related config parts, where the interface name is used, are changed.

Keep a good backup of the config just in case, especially if you're 
talking about trying this with PDM/ASDM.  They don't "rename"/"change" 
very well, they really try to delete/re-add, and the delete part deletes 
all associated configuration references to the original.

Jeff
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp 
archive at http://puck.nether.net/pipermail/cisco-nsp/



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7943 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20080724/639b93c8/attachment-0001.bin>


More information about the cisco-nsp mailing list