Hi,
I'm trying to figure out how to deploy a Cisco ASA 5512-X IPS inline in bridge mode on an Ethernet trunked interface.
switch1--------------vlan10,20----------------ASA IPS--------------vlan10,20----------------switch2
I basically want to drop the IPS inline without changing the existing switch configuration. It works fine on a non-trunked interface, but when I configure it similar to the config below I hit the issue that I can't assign 2 separate interfaces to the same VLAN. The exact error is as follows:
ERROR: VLAN 10 has been assigned to another interface.
This is such a common scenario I can't imagine there isn't a solution, but I can't find one. Does anyone know?
Thanks in advance
interface Ethernet0/2.10
 vlan 10
 nameif INSIDETEN
 security-level 100
 bridge-group 10
!
interface Ethernet0/2.20
 vlan 20
 nameif INSIDETWENTY
 security-level 100
 bridge-group 20
!
interface Ethernet0/3.10
 vlan 10
 nameif OUTSIDETEN
 security-level 0
 bridge-group 10
!
interface Ethernet0/3.20
 vlan 20
 nameif OUTSIDETWENTY
 security-level 0
 bridge-group 20
!
interface BVI10
 ip address x.x.x.x y.y.y.y
interface BVI20
 ip address x.x.x.x y.y.y.y
It doesn't work, I can't configure the VLANs on two different interfaces.
ASA(config-subif)# vlan 10
ERROR: VLAN 10 has been assigned to another interface