Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1575
Views
0
Helpful
2
Replies

Firepower 1010 - Help configuring "outside" with trunk ports

IamSamSaul
Level 1
Level 1

‎09-23-2019 04:57 AM

Hi there,

 

I got a customer with an old Cisco ASA 5505 with various VLANs. They are now migrating to Firepower 1010. In their existing Cisco ASA their "outside" is connected to their WAN CPE with the following configuration:

 

!
interface Ethernet0/0
switchport access vlan 100
switchport trunk allowed vlan 100
switchport mode trunk
speed 100
duplex full
!
interface Vlan100
nameif outside
security-level 0
ip address 10.10.10.100 255.255.255.248
!

According to their WAN provider, it should be configured as above. I have tried to give the interface Ethernet0/0 directly the IP address 10.10.10.100 255.255.255.248, but it wasn't working.

 

How I can configure this on Firepower 1010? Any help or advice will be highly appreciated.

 

Thanks & Regards,

 

Sam

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-23-2019 07:36 AM

Seem like they are expecting a switched interface with trunking.

Try making the port connected to the ISP (normally Ethernet 1/1) a parent interface (remove any address and name from it) and then adding a new subinterface to it with the 10.10.10.100 address and assign the VLAN ID of 100.

That should result in a trunk port tagged with VLAN 100.

0 Helpful

IamSamSaul
Level 1
Level 1
In response to Marvin Rhoads

‎09-23-2019 08:59 AM

Hi Marvin,

 

Thanks for your reply. I'll try that and let you know it it worked. 

 

Thanks & Regards, 

Sam

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card