https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979120#M493680 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>There is no other way than to use VLANs.</P><P></P><P>The ASA interface will be configured as trunk, while for each VLAN you will configure subinterfaces. Assign one VLAN ID per interface.</P><P>The IP of the ASA on each subinterface will be the default gateway for the devices on that subnet.</P><P></P><P></P><P>interface GigabitEthernet0/1</P><P>description "Trunk Connectivity with SW"</P><P>speed 100</P><P>duplex full</P><P>no nameif</P><P>no security-level</P><P>no ip address</P><P>!</P><P>interface GigabitEthernet0/1.100</P><P>vlan 100</P><P>nameif VLAN100</P><P>security-level 80</P><P>ip address xxxxxxx</P><P>!</P><P>interface GigabitEthernet0/1.200</P><P>vlan 200</P><P>nameif VLAN200</P><P>security-level 70</P><P>ip address xxxxxxx</P><P>!</P><P>interface GigabitEthernet0/1.300</P><P>vlan 300</P><P>nameif VLAN300</P><P>security-level 60</P><P>ip address xxxxxxx</P><P></P><P>An example with VLANs and remote access VPNs:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml</A></P><P></P><P></P><P>BTW, ASA does not have Native VLAN support. So if you need VLAN 1 for some reason, you need to create a subinterface for it.</P><P></P><P>Please rate if this helped.</P><P></P><P>Regards,</P><P>Daniel</P></BODY></HTML> Wed, 16 Jul 2008 16:05:51 GMT 5220 2008-07-16T16:05:51Z https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979119#M493678 <P>Hi to all,</P><P>i need to configure a subinterface as inside and i want to know if i need to configure a vlan in order to make it work or if is possible to avoid the vlan.</P> Fri, 21 Feb 2020 10:55:29 GMT https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979119#M493678 daysleeper 2020-02-21T10:55:29Z https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979120#M493680 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>There is no other way than to use VLANs.</P><P></P><P>The ASA interface will be configured as trunk, while for each VLAN you will configure subinterfaces. Assign one VLAN ID per interface.</P><P>The IP of the ASA on each subinterface will be the default gateway for the devices on that subnet.</P><P></P><P></P><P>interface GigabitEthernet0/1</P><P>description "Trunk Connectivity with SW"</P><P>speed 100</P><P>duplex full</P><P>no nameif</P><P>no security-level</P><P>no ip address</P><P>!</P><P>interface GigabitEthernet0/1.100</P><P>vlan 100</P><P>nameif VLAN100</P><P>security-level 80</P><P>ip address xxxxxxx</P><P>!</P><P>interface GigabitEthernet0/1.200</P><P>vlan 200</P><P>nameif VLAN200</P><P>security-level 70</P><P>ip address xxxxxxx</P><P>!</P><P>interface GigabitEthernet0/1.300</P><P>vlan 300</P><P>nameif VLAN300</P><P>security-level 60</P><P>ip address xxxxxxx</P><P></P><P>An example with VLANs and remote access VPNs:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806ab788.shtml</A></P><P></P><P></P><P>BTW, ASA does not have Native VLAN support. So if you need VLAN 1 for some reason, you need to create a subinterface for it.</P><P></P><P>Please rate if this helped.</P><P></P><P>Regards,</P><P>Daniel</P></BODY></HTML> Wed, 16 Jul 2008 16:05:51 GMT https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979120#M493680 5220 2008-07-16T16:05:51Z https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979121#M493684 <HTML><HEAD></HEAD><BODY><P>the physical interface can pass untagged packets.</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1044006" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1044006</A></P><P></P><P>what version OS does the pix515 use?</P></BODY></HTML> Wed, 16 Jul 2008 17:26:46 GMT https://community.cisco.com/t5/network-security/pix-515-subinterfaces/m-p/979121#M493684 srue 2008-07-16T17:26:46Z