[c-nsp] Renaming interfaces on a PIX 525
Mathias Spoerr
mathias.spoerr at at.ibm.com
Thu Jul 24 05:53:00 EDT 2008
you cannot configure the same IP address on two interfaces, except one is
shutdown. I would suggest the following procedure:
* use a new name for the new outside interface, shut it down, and
configure IP, name, sec level...
* do a "show run | i outside" to see where the name of the outside
interface is used (static, route...)
* delete the config for the old outside interface and reconfigure the
static, route, global... commands to the new interface name
* if you want to have "outside" as name for the new interface, then rename
it
Mathias
From:
"Steven Pfister" <SPfister at dps.k12.oh.us>
To:
Mathias Spoerr/Austria/IBM at IBMAT, "Jeff Kell" <jeff-kell at utc.edu>
Cc:
<cisco-nsp at puck.nether.net>
Date:
23.07.2008 23:01
Subject:
Re: [c-nsp] Renaming interfaces on a PIX 525
I think I'm probably going to do this from the command line. Would I be
able to have two interfaces marked as outside? Do something like:
int gig1
nameif outside
security-level 0
int eth0
nameif old.outside
security-level 6
no ip address
int gig1
ip address <address from eth0> standby <standby address from eth0>
(after backing up the config, of course...)
Thanks!
Steve Pfister
Technical Coordinator,
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St.
Dayton, OH 45402
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister at dps.k12.oh.us
>>> Jeff Kell <jeff-kell at utc.edu> 7/23/2008 4:50 PM >>>
Mathias Spoerr wrote:
> Hello Steve,
>
> when I remember correctly -> when you rename the interface, then also
the
> related config parts, where the interface name is used, are changed.
Keep a good backup of the config just in case, especially if you're
talking about trying this with PDM/ASDM. They don't "rename"/"change"
very well, they really try to delete/re-add, and the delete part deletes
all associated configuration references to the original.
Jeff
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7943 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20080724/639b93c8/attachment-0001.bin>
More information about the cisco-nsp
mailing list