https://community.cisco.com/t5/network-security/sun-interfaces/m-p/2747077#M192472 <P>Hey guys,</P><P>&nbsp;</P><P>I am trying to consolidate 2 different&nbsp;firewalls into another ASA 5520&nbsp;active/standby firewall, and only have 1 interface available, I wanted to make sure that I can use sub-interface for site-to-site VPN, anyconnect, and also another sub-if for outside traffic?</P><P>Is this possible, is it a good idea? I have 2 maybe 3 different public IPs but from the same subnet. What route should I go with this? Is it best practice to use the same IP for LAN outside traffic and VPN site to site/anyconnect?</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 12 Mar 2019 06:28:47 GMT Chad Campbell 2019-03-12T06:28:47Z https://community.cisco.com/t5/network-security/sun-interfaces/m-p/2747077#M192472 <P>Hey guys,</P><P>&nbsp;</P><P>I am trying to consolidate 2 different&nbsp;firewalls into another ASA 5520&nbsp;active/standby firewall, and only have 1 interface available, I wanted to make sure that I can use sub-interface for site-to-site VPN, anyconnect, and also another sub-if for outside traffic?</P><P>Is this possible, is it a good idea? I have 2 maybe 3 different public IPs but from the same subnet. What route should I go with this? Is it best practice to use the same IP for LAN outside traffic and VPN site to site/anyconnect?</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 12 Mar 2019 06:28:47 GMT https://community.cisco.com/t5/network-security/sun-interfaces/m-p/2747077#M192472 Chad Campbell 2019-03-12T06:28:47Z https://community.cisco.com/t5/network-security/sun-interfaces/m-p/2747078#M192473 <P>Hello Chad,</P><P style="font-size: 14.3999996185303px;">These are the answers to your questions:</P><P style="font-size: 14.3999996185303px;">I am trying to consolidate 2 different&nbsp;firewalls into another ASA 5520&nbsp;active/standby firewall, and only have 1 interface available, I wanted to make sure that I can use sub-interface for site-to-site VPN, anyconnect, and also another sub-if for outside traffic?</P><P style="font-size: 14.3999996185303px;">-I don't see any limitation other than using the physical&nbsp;and sub interface on the same interface with VPN. Meanwhile both are sub interfaces its supposed to work.&nbsp;</P><P style="font-size: 14.3999996185303px;">Is this possible, is it a good idea? I have 2 maybe 3 different public IPs but from the same subnet. What route should I go with this? Is it best practice to use the same IP for LAN outside traffic and VPN site to site/anyconnect?</P><P>-It is possible. I wouldn't say that is recommended but it should be possible. Now for VPN you should use the IP on the interface so I don't see any difference between that and using a separate physical interface.&nbsp;</P><P>Kind regards,</P><P>Jose Orozco.</P><P>&nbsp;</P> Sat, 22 Aug 2015 01:23:08 GMT https://community.cisco.com/t5/network-security/sun-interfaces/m-p/2747078#M192473 joseoroz 2015-08-22T01:23:08Z