Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
451
Views
0
Helpful
1
Replies

VLAN on ASA5505

Go to solution
Brendan Wood
Level 1
Level 1

‎01-24-2014 06:12 PM - edited ‎03-12-2019 06:06 PM

Hello,

I have configured my access point to have two SSID's, each with their own VLAN.

My challenge is to create a VLAN somehow on the ASA so that I can route traffic differently for each SSID.

Problem is:  I have limited knowledge of the ASA.  I am able to configure permissions, nats, and vpn, etc.

Can someone please guide me on how to create this vlan?

Also, I have a managed switch (Cisco SG-200-18)  atttached to the ASA5505 - I have the option to create a VLAN there also if necessary.

Most importantly, I have the SECURITY PLUS license.  I understand that this uncomplicates things as far as the number of VLANS you can have.

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
daniel.dib
Level 7
Level 7

‎01-24-2014 10:19 PM

You configure ports as access or trunk and then you configure SVI on the ASA in the same way as on a switch.

The configuration guide is here:

http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/interface_start_5505.html#wp1125063

This is the basic configuration:

conf t

int e0/0

switchport mode trunk

switchport trunk allowed vlan 10, 20

no shut

!

int vlan 10

nameif SSID1

description SSID1

security-level 100

ip add x.x.x.x y.y.y.y

!

int vlan 20

nameif SSID2

description SSID2

security-level 100

ip add z.z.z.z y.y.y.y

That is if you have a trunk, otherwise use two ports and set them to access.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
daniel.dib
Level 7
Level 7

‎01-24-2014 10:19 PM

You configure ports as access or trunk and then you configure SVI on the ASA in the same way as on a switch.

The configuration guide is here:

http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/interface_start_5505.html#wp1125063

This is the basic configuration:

conf t

int e0/0

switchport mode trunk

switchport trunk allowed vlan 10, 20

no shut

!

int vlan 10

nameif SSID1

description SSID1

security-level 100

ip add x.x.x.x y.y.y.y

!

int vlan 20

nameif SSID2

description SSID2

security-level 100

ip add z.z.z.z y.y.y.y

That is if you have a trunk, otherwise use two ports and set them to access.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card