ASA 5525-New created sub-interface is not showing up in firewall area

Awacs2000 · ‎02-01-2024

My customer has a ASA 5525 with version 9.14(4)7 and ASDM 7.18(1)152
He created a new VLAN-sub-interface below his port-channel6. So far so good.
But when he wants to create rules for this new vlan, the section is missing in the firewall configuration-area.
Total sub-interfaces on this port-channel are 39 currently.
I rebooted the cluster and updated ASDM, but this this not help

Any ideas?

MHM Cisco World · ‎02-01-2024

Vlan and subinterface? One of them must use not both.

Can i see the config

MHM

Awacs2000 · ‎02-01-2024

This is the config. All other subinterfaces are OK and they are able to create rules for them in the firewall area.

Awacs2000 · ‎02-01-2024

Ping to the Interface is possible

MHM Cisco World · ‎02-01-2024

this connect to SW in trunk and you allow VLAN 771?
MHM

MHM Cisco World · ‎02-01-2024

ASA 5525 base license can have up to 200 vlan (not per port but per asa "global")

So if you have subinterface with vlan more than 200 you face license issue' to make sure shut one unused subinterface and check this new one are it appear or not.

If you have less than 200 then check vlan allow in trunk in SW

MHM

Awacs2000 · ‎02-01-2024

I checkes withe the customer and the VLAN is configured on the switch and on the trunk towards the ASAs.
Strange thing.

MHM Cisco World · ‎02-01-2024

Then last thing check number of vlan is it more than 200 it can license issue.

MHM

Awacs2000 · ‎02-01-2024

No, the number of VLANs is below 200. Not even 100.

Awacs2000 · ‎02-01-2024

I think I solved it. Simple thing. I just said "Add Access rule" and voilá there it was in the dropdown-menu.

MHM Cisco World · ‎02-01-2024

glad issue is simple and solved
have a nice day friend

MHM