Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
359
Views
0
Helpful
1
Replies

Cisco trustsec ASA sub-interface

Chi Fai Leung
Level 1
Level 1

‎09-19-2016 05:45 AM - edited ‎03-11-2019 12:05 AM

Tested the Trustsec on ASA, that could not apply when the ASA defined the sub-interface to connect the PortChannel of Switch? Anyone tested and got the same of result?

Labels:
0 Helpful
1 Reply 1

Ryan Wolfe
Level 5
Level 5

‎09-19-2016 10:13 AM

Hello,

Are you referring to applying inline tagging on an ASA subinterface?

If so, I do not believe inline SGT tagging is supported on logical interfaces (such as sub-interfaces).

This documentation seems to support this: https://www.cisco.com/c/en/us/td/docs/security/asa/asa93/configuration/general/asa-general-cli/aaa-trustsec.html#93713

Please look under the Layer 2 Imposition section:

Layer 2 SGT Imposition

  • Supported only on physical interfaces, VLAN interfaces, port channel interfaces, and redundant interfaces.
  • Not supported on logical interfaces or virtual interfaces, such as BVI.

HTH, 

Ryan

0 Helpful
Customers Also Viewed These Support Documents