We currently have an ASA 5510 as our edge firewall that is connected on e0/1 to our core switch, a 4510R+E. The connection from the ASA is to an access port (vlan 99) on the 4510. I would like to migrate this configuration to subinterfaces on the ASA. I would like to have the existing configuration applied to e0/1 migrate to e0/1.1 and then add e0/1.2 for a guest wireless vlan. What is the best way to make these changes without having to completely reconfigure the ASA? I know I will need to trunk the connection from the ASA to the 4510 but I am looking for the best way to make these changes without having to completely reconfigure the ASA.
While I would probably myself configure this so that I would leave out all configurations on the current physical interface Ethernet0/1 I think there is an option for you which enabled you to leave the current interface configuration intact and just start adding subinterfaces to the physical interface Ethernet0/1.
To my understanding you could do the following
I am a bit rusty on the switching side but the above is to my understanding what you could do. This should mean that you would not have to change anything on the ASA side. Ofcourse you would be adding the subinterfaces and their configurations but nothing that would change the current setup.
Naturally the switch side configuration change to Trunk would cause outage in your setup.
Hope this helps
Please do remember to mark a reply as the correct answer if it answered your question.
Feel free to ask more if needed.
Thank you. Very intriguing approach. It makes sense. I will try this in our lab setup and see what happens...
I appreciate your quick reply,