Re: PIX 515E 7.2 Duplex problem

[Chris Buechler <fw-wiz () chrisbuechler com>]

Drumheller, Michael wrote:
> The interface on the PIX shuts down when duplex is changed from auto 
> to full.  The switch it connects to is configured for full duplex but 
> the PIX still shows half duplex when in auto negotiate mode.

Of course - when you force one end to full and leave the other on auto, 
the auto side ends up half duplex and you end up with a duplex mismatch. 
That's what is expected to happen when you misconfigure things like 
this. You can't set one side to full and the other on auto.
suggested reading:
http://www.sun.com/blueprints/0704/817-7526.pdf
http://en.wikipedia.org/wiki/Autonegotiation
 
What if you just set the port and the PIX to auto? I hate seeing 
networks where people force duplex, 90% of them I see end up with duplex 
mismatches all over because too many people don't understand how 
autonegotiation works. Every vendor including Cisco recommends using 
auto whenever both ends support it.

It *shouldn't* be an issue to set both ends, and all 515E's should have 
only 10/100 ports. But it's not recommended, personally I wouldn't care 
why it doesn't work.

You may want to check for a firmware update for your switch regardless. 
Since your PIX seems to be on the latest version it should be fine.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards