[c-nsp] Renaming interfaces on a PIX 525

Steven Pfister SPfister at dps.k12.oh.us
Thu Jul 24 08:44:02 EDT 2008 

I wasn't actually proposing to have the same ip address on two interfaces, but to take it off one before putting it on another.

Steve Pfister
Technical Coordinator, 
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St. 
Dayton, OH 45402
 
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister at dps.k12.oh.us


>>> Mathias Spoerr <mathias.spoerr at at.ibm.com> 7/24/2008 5:53 AM >>>
you cannot configure the same IP address on two interfaces, except one is 
shutdown. I would suggest the following procedure:
* use a new name for the new outside interface, shut it down, and 
configure IP, name, sec level...
* do a "show run | i outside" to see where the name of the outside 
interface is used (static, route...)
* delete the config for the old outside interface and reconfigure the 
static, route, global... commands to the new interface name
* if you want to have "outside" as name for the new interface, then rename 
it

Mathias






From:
"Steven Pfister" <SPfister at dps.k12.oh.us>
To:
Mathias Spoerr/Austria/IBM at IBMAT, "Jeff Kell" <jeff-kell at utc.edu>
Cc:
<cisco-nsp at puck.nether.net>
Date:
23.07.2008 23:01
Subject:
Re: [c-nsp] Renaming interfaces on a PIX 525



I think I'm probably going to do this from the command line. Would I be 
able to have two interfaces marked as outside? Do something like:

int gig1
  nameif outside
  security-level 0
int eth0
  nameif old.outside
  security-level 6
  no ip address
int gig1
  ip address <address from eth0> standby <standby address from eth0>

(after backing up the config, of course...)

Thanks!

Steve Pfister
Technical Coordinator, 
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St. 
Dayton, OH 45402

Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister at dps.k12.oh.us 


>>> Jeff Kell <jeff-kell at utc.edu> 7/23/2008 4:50 PM >>>
Mathias Spoerr wrote:
> Hello Steve,
>
> when I remember correctly -> when you rename the interface, then also 
the 
> related config parts, where the interface name is used, are changed.

Keep a good backup of the config just in case, especially if you're 
talking about trying this with PDM/ASDM.  They don't "rename"/"change" 
very well, they really try to delete/re-add, and the delete part deletes 
all associated configuration references to the original.

Jeff
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp 
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list