Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2123
Views
20
Helpful
6
Replies

ASA Interface with WAN IP and Subinterface/VLAN

Go to solution
PJSpyro
Level 1
Level 1

‎11-23-2020 10:59 AM

Hello all!

I am working with a vendor to pass a certain VLAN between 2 sites of an organization so that phone calls can be made by extensions and not having to dial a 10 digit number. I only have access to the 1 of the sites firewalls and I have been asked to add a subinterface to the outsideif of the ASA. From what I have read I should be able to create this interface but it is not recommended.

 

As this is being done remotely I am worried about losing connectivity to my site. If I create the subinterface should I expect any kind of loss on the physical portion of the interface when configured?

 

Thanks!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎11-24-2020 09:57 PM

Hi,

Creating sub-interfaces will not cause a connectivity lose as long as you
don't break the existing routing. Otherwise, it will not cause issues.


**** please remember to rate useful posts

View solution in original post

6 Replies 6

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎11-23-2020 11:45 AM

Instead of that, you can have another SIP peering between your site make your dial plan dial with 8-extension number to route between sip call between office is the best option rather making complicated with ASA FW.

 

is that make sense ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
PJSpyro
Level 1
Level 1
In response to balaji.bandi

‎11-24-2020 07:36 AM

Hey Balaji, I understand your suggestion. Unfortunately I am not in a position to make any changes to the phone system. A vendor handles the configurations for the phone system and the firewall at the other site, so I can only make changes on the firewall on the site I manage. 

 

The main thing for me at this time is to ensure that I do not loose connectivity to this site as I would be making all configuration changes remotely. 

 

I appreciate the suggestion. 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to PJSpyro

‎11-25-2020 12:14 AM

I understand - i only suggest best so you can make more changes, but you have out of control, then you need to move as per the plan. to create an interface and handover to another party.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎11-24-2020 09:57 PM

Hi,

Creating sub-interfaces will not cause a connectivity lose as long as you
don't break the existing routing. Otherwise, it will not cause issues.


**** please remember to rate useful posts

Go to solution
Aref Alsouqi
VIP
VIP

‎11-25-2020 03:14 PM

No, as mentioned by @Mohammed al Baqari creating a sub-interface will not cause any connectivity issues. However, one thing I would always recommend when working remotely is to schedule a reload in x mins. That would be your last resort to bring back the device online if something wrong happens. To do so, I would save the device configs before getting started with the new changes, and then will issue the command reload in <amount of minutes to reload>, apply the new changes, and then right after I finish I cancel the scheduled reload with the command reload cancel

Go to solution
PJSpyro
Level 1
Level 1

‎12-09-2020 10:23 PM

Sorry for the late reply. 

 

Thank you for all of the response in this thread, I was able to get my side of the configuration completed and is now passing traffic!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card