Default State Of Interfaces; Default Security Level; Multiple Context Mode Guidelines; Configuring The Interface - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 7
Configuring Interface Parameters
Default State of Interfaces
The default state of an interface depends on the type and the context mode.
In multiple context mode, all allocated interfaces are enabled by default, no matter what the state of the
interface is in the system execution space. However, for traffic to pass through the interface, the interface
also has to be enabled in the system execution space. If you shut down an interface in the system
execution space, then that interface is down in all contexts that share it.
In single mode or in the system execution space, interfaces have the following default states:
•
•
•
Default Security Level
The default security level is 0. If you name an interface "inside" and you do not set the security level
explicitly, then the security appliance sets the security level to 100.
Note
If you change the security level of an interface, and you do not want to wait for existing connections to
time out before the new security information is used, you can clear the connections using the
clear local-host command.
Multiple Context Mode Guidelines
For multiple context mode, follow these guidelines:
•
•
•
Configuring the Interface
To configure an interface or subinterface, perform the following steps:
Step 1
To specify the interface you want to configure, enter the following command:
hostname(config)# interface {{redundant number | physical_interface }[. subinterface ] |
mapped_name }
hostname(config-if)#
The redundant number argument is the redundant interface ID, such as redundant 1.
Append the subinterface ID to the physical or redundant interface ID separated by a period (.).
OL-12172-03
Physical interfaces—Disabled.
Redundant Interfaces—Enabled. However, for traffic to pass through the redundant interface, the
member physical interfaces must also be enabled.
Subinterfaces—Enabled. However, for traffic to pass through the subinterface, the physical interface
must also be enabled.
Configure the context interfaces from within each context.
Configure context interfaces that you already assigned to the context in the system configuration.
Other interfaces are not available.
Configure Ethernet settings, redundant interfaces, and subinterfaces in the system configuration. No
other configuration is available. The exception is for failover interfaces, which are configured in the
system configuration. Do not configure failover interfaces with the procedures in this chapter. See
Chapter 14, "Configuring Failover,"
for more information.
Cisco Security Appliance Command Line Configuration Guide
Configuring Interface Parameters
7-3
Advertisement
Table of Contents
Troubleshooting
