Solved: DMZ interface on ASA 5506-X

johncaston_2 · ‎03-24-2015

Hi All,

I'm in the process of designing a network solution for a client and sales have proposed the ASA 5506-X firewall. I have a requirement for a DMZ zone. I recall that the 5505 only supported inside and outside interfaces.

can anyone confirm that the 5506-X supports 3 interfaces?

PS; we'll have the Security Plus license

thanks in advance

John

Marius Gunnerud · ‎03-28-2015

This ASA is not like the 5505 so it can not really be compaired to it. Running the base license you are not restricted to the number of active VLANs you are allowed to have, but instead you are restricted by the number of total VLANs you are allowed to configure on the device.

I have the 5506 with security plus license at home and am restricted to 30 VLANs.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Vibhor Amrodia · ‎03-25-2015

Hi,

I don't think this ASA has any restriction as that of ASA 5505.

Refer:-

http://www.cisco.com/c/en/us/td/docs/security/asa/asa93/configuration/general/asa-general-cli/intro-license.html/index.html

http://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5506xguide/b_Install_Guide_5506/b_Install_Guide_5506_chapter_01.html#concept_AB8781B76BBA4209955B8C7F2B71772A

Thanks and Regards,

Vibhor Amrodia

johncaston_2 · ‎03-25-2015

Thanks Vibhor,

I've been searching through those data sheets and guides all afternoon but couldn't find anything specifically stating if it had 2, 3 or more configurable interfaces; you would think it would support a 3rd zone but then it is the bottom of the range!!!

cheers,

John

Vibhor Amrodia · ‎03-25-2015

Hi,

Still as per your requirement , I think you should be fine with this ASA as i am sure it has no such restrictions.

Thanks and Regards,

Vibhor Amrodia

johncaston_2 · ‎03-26-2015

OK thanks Vibhor,

I'll give it a go and see what happens

many thanks,

John

Marius Gunnerud · ‎03-28-2015

This ASA is not like the 5505 so it can not really be compaired to it. Running the base license you are not restricted to the number of active VLANs you are allowed to have, but instead you are restricted by the number of total VLANs you are allowed to configure on the device.

I have the 5506 with security plus license at home and am restricted to 30 VLANs.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

sciarrino · ‎11-13-2015

I have a 5508x and just tring to use 3 physical interfaces with different Namedif

And I get this.. "with the current License device will only support 2 fully funtional interfaces............."

The CLI lets me add it tho?

Marius Gunnerud · ‎11-14-2015

If I am guessing correctly you are using the ASDM to configure the ASA. You should not have this issue when using the CLI.

If my assumption is correct, then you are running into the following bug:

https://tools.cisco.com/bugsearch/bug/CSCuw09242/?referring_site=bugquickviewredir

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

sciarrino · ‎11-16-2015

That Fixed now on to the next bug, that the ASDM will not load on windows 10.

https://tools.cisco.com/bugsearch/bug/CSCuw54048/?reffering_site=dumpcr

Thanks..