10-18-2013 08:53 AM - edited 03-11-2019 07:53 PM
hi all,
i'm trying to create an active-active failover scenario in GNS3 and encountered this error:
ASA1/admin(config)# interface GigabitEthernet0.1
ASA1/admin(config-if)# nameif inside
ERROR: VLAN must be configured for interface GigabitEthernet0.1
i've tried searching and read it's due to a license issue. i seem to have the right license but i could be mistaken.
please advise how to correct this and be able to assign nameif on interfaces for different contexts.
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 5000 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 0 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
ASA1/admin# sh run
: Saved
:
ASA Version 8.4(2) <context>
!
hostname ASA1
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0.1
no nameif
security-level 100
ip address 192.168.1.10 255.255.255.0 standby 192.168.1.11
!
interface GigabitEthernet1.1
no nameif
security-level 0
ip address 209.165.200.226 255.255.255.224 standby 209.165.200.227
!
pager lines 24
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
no threat-detection statistics tcp-intercept
!
!
Cryptochecksum:57191e590c98e3c8310e7f9469c9dd52
: end
Solved! Go to Solution.
10-18-2013 09:45 AM
Hello John,
Do it from the system context!
Remember to rate all of the helpful posts..
10-18-2013 09:35 AM
Hello John,
The error is not related to Active/Active failor nor licenses.
You are trying to configure a sub-interface and for that to happen you must assign a VLAN tag to it:
interface gig 0.1
vlan #
Afterwards let us know,
Regards,
Jcarvaja
10-18-2013 09:40 AM
Julio,
I believe I've tried that command earlier but it wasn't accepted.
Let me double check again when I get back to my PC.
Sent from Cisco Technical Support iPhone App
10-18-2013 09:45 AM
Hello John,
Do it from the system context!
Remember to rate all of the helpful posts..
10-18-2013 07:06 PM
julio,
sorry for being such a noob. thanks for your help!
ASA1/admin# changeto context system
ASA1# configure terminal
ASA1(config)# interface gigabitethernet0.1
ASA1(config-subif)# ?
Interface configuration commands:
default Set a command to its defaults
description Interface specific description
exit Exit from interface configuration mode
help Interactive help for interface subcommands
no Negate a command or set its defaults
shutdown Shutdown the selected interface
vlan Configure VLAN identifier
ASA1(config-subif)# vlan 10
ASA1(config-subif)# interface gigabitethernet1.1
ASA1(config-subif)# vlan 20
ASA1(config-subif)# show run interface gigabitethernet0.1
!
interface GigabitEthernet0.1
vlan 10
ASA1(config-subif)# show run interface gigabitethernet1.1
!
interface GigabitEthernet1.1
vlan 20
ASA1(config-subif)# end
ASA1# changeto context admin
ASA1/admin# configure terminal
ASA1/admin(config)# interface GigabitEthernet0.1
ASA1/admin(config-if)# nameif inside
ASA1/admin(config-if)# interface GigabitEthernet1.1
ASA1/admin(config-if)# nameif outside
ASA1/admin(config-if)# show run interface GigabitEthernet0.1
!
interface GigabitEthernet0.1
nameif inside
security-level 100
ip address 192.168.1.10 255.255.255.0 standby 192.168.1.11
ASA1/admin(config-if)# show run interface GigabitEthernet1.1
!
interface GigabitEthernet1.1
nameif outside
security-level 0
ip address 209.165.200.226 255.255.255.224 standby 209.165.200.227
10-18-2013 11:14 PM
Hello,
Hey man my pleasure to help and come on you are far away from a noob.
I have seen you answering a lot of questions lately, you are learning a lot man.
Keep it up!
Jcarvaja
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: