Newbie: routing between two internal subnets?

Hi: I have a PIX 506e with an internal subnet of 192.168.1/24.

I have a Dell web-managed switch on the inside network that defaults to IP 192.168.2.1 for managed access.

My internal clients on the 192.168.1/24 can't connect to the switch, and I'd also like to be able to access the switch through a Cisco Client VPN as well.

I'd like to keep the switch on 192.168.2/24 just to keep things tidy. What is the simplest way to allow access to this switch from inside the PIX as well as through the VPN?

TIA

cisco

Can you post (sanitized) configs? It's really helpful to get an idea of what you're doing.

For example, the security level you set on those two interfaces (192.168.1.0/24 & 2.0/24) has a lot to do with the access that you allow. Higher level (like 100) interfaces are allowed into lower level interfaces, but not the other way around.

hack.bac

The simplest thing to do is to change the IP address assigned to the Dell switch to be in the same subnet as the PIX inside interface.

Merv

You could try setting up VLANs between the PIX and the switch; I do not know if this will work. VLANs use 802.1q trunking so you should confirm that the Dell switch supports this before attempting.

The 506E will support 2 VLAN interfaces (referred to as logical interfaces in PIX docs).

See Cisco doc Using VLANs with the Firewall

Note the above is a configuration example that uses the PIX CLI interface. No idea how to do this with PDM.

Back up your current config before starting.

Merv
