Posted this to list.cisco-nsp too, well, that is, I tried doing that about 4 hours ago and it still hasn't appeared. Sorry if it's a cross-post.
Hey there,
have a small question on a PIX. However before that I should explain some background.
We're hosting some servers for different customers. These servers still run on VMWare GSX and/or workstation, which makes us unable to use VLAN's for a while (will be upgrading to ESX in 1 to 2 years, hopefully sooner).
Anyway, due to the fact we can not use VLAN's yet we can not set up multiple IP addresses on the cisco, as the 6.3 PIX IOS that is on it now does not support logical devices (as I understood from #cisco on IRC). It does support vlan logical devices, but these will actually check the vlan ID's, so can't use those.
The separation between the customers networks is for now solely based on subnetting. So there's a 192.168.11.x/24 subnet for customer X and
192.168.12.x/24 for customer Y.Now what I need to know (for certain) is that PIX IOS 7 will allow us to do what we need. The PIX will have to have an IP in each subnet, and allow the customers to set up an IPSec VPN connection to their subnet (and ofcourse shouldn't be allowed to reach the other subnets).
Sorry to ask this here, but can't test with PIX IOS 7, as there aren't any contracts on the device (so can't download 7) and there isn't enough memory in the device. And ofcourse we don't want to buy these things if PIX IOS 7 isn't going to solve our problems.
TIA & Kind regards