cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
388
Views
0
Helpful
3
Replies

interface vlan

Gerard Gacusan
Level 1
Level 1

I have a PIX 525 and ASA5510 with version 8.0 ... with unrestricted license.

when i try to create interface vlan on any of the device, i have no option to do this.

ASA(config)interface?

configure mode commands/options: Ethernet IEEE 802.3 Redundant Redundant Interface <cr>

Anything i need to enable this feature?

Thank you gerard

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

To create virtual interface you have to do it with subinterfaces, in other words if you are trying comeup with more logical interfaces you have to use 802.1q trunk to whicever switch you are using and create your L2 vlans in the switch pertaining to each subinterface you create in the firewall and map your switchports accordinly to proper vlans.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1044006

Jorge Rodriguez

I'm trying to check the sample config below with vlan interfaces, looks different than in the documentation. There's no sub-interfaces specified ...

Primary Unit Configuration for Example 16

passwd g00fba11

enable password gen1u$

hostname Buster

asdm image disk0:/asdm.bin

boot system disk0:/image.bin

interface vlan 2

description Primary ISP interface

nameif outside

security-level 0

ip address 209.165.200.224 standby 209.165.200.225

backup interface vlan 4

no shutdown

interface vlan 1

nameif inside

security-level 100

ip address 192.168.1.1 255.255.255.0

no shutdown

interface vlan 3

nameif dmz

security-level 50

ip address 192.168.2.1 255.255.255.0

no shutdown

interface vlan 4

description Backup ISP interface

nameif backup-isp

security-level 0

ip address 209.168.202.128 standby 209.168.202.129

no shutdown

interface vlan 5

description LAN Failover Interface

interface ethernet 0/0

switchport access vlan 2

no shutdown

interface ethernet 0/1

switchport access vlan 4

no shutdown

interface ethernet 0/2

switchport access vlan 1

no shutdown

interface ethernet 0/3

switchport access vlan 3

no shutdown

interface ethernet 0/4

switchport access vlan 5

no shutdown

That is from an ASA5505 - vlan interfaces on the ASA series is only possible on the 5505. as a previous poster said, you need to use subinterfaces if you want more than the number of physical interfaces.

Review Cisco Networking for a $25 gift card