Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
476
Views
0
Helpful
3
Replies

5505 - use ports as switchport?

adrianhenderson
Level 1
Level 1

‎11-25-2010 07:41 PM - edited ‎03-11-2019 12:14 PM

I just installed an 5505 with a base licence.  They had a spam appliance configured years ago with an IP from the same block they have, so its accessible externally.  Right now to get this to work, i have to have a switch that the cable modem, ASA, and appliance plug in to.  Given the base licence, is there any way to configure a port on the ASA to 'pass' traffic' from the appliance to the WAN port and then inside without a DMZ, since I can't configure one?  Otherwise I guess its time to bring it inside the firewall!

Labels:
0 Helpful
3 Replies 3

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎11-25-2010 07:53 PM

Hi,

The ports on the ASA 5505 are switch ports.

So, they are layer 2 ports that are assigned to an interface VLAN to belong to a subnet.

With a base license you can have two fully operational interfaces (outside and inside) and you can assign the ports to any of those VLANs.

The outside interface and inside interface will be configured as interface VLANs (layer 3 interfaces).

If traffic comes into a port on the ASA, the ASA can either switch it back to another port on the same VLAN or route it to another port on the other VLAN.

Federico.

0 Helpful

adrianhenderson
Level 1
Level 1
In response to Federico Coto Fajardo

‎11-25-2010 07:57 PM

Any guides on this you are aware of? I was playing around with some settings like assigning another port the same interface and anbling traffic to flow from one interface to another of the same security level but it kept throwing an error.

0 Helpful

Syed Usaid K
Cisco Employee
Cisco Employee
In response to adrianhenderson

‎11-25-2010 10:13 PM

HI,

Here is the configuration guide for the ASA 5505

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/int5505.html

you can assiign two interface in the same VLAN, however there are some restrictions if you have base license. Please follow the above guide, and get back if you have any queries.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card