10-05-2012 02:48 AM - edited 03-11-2019 05:04 PM
Hi,
I want to configure multiple DHCP configuration on ASA 5505. Please assist me for same.
I tried to create sub interface for different IP Pool but it was not configure on ASA 5505. is it possible to create subinterface on ASA 5505?
ASA 5505 IOS version: 8.3(1)
License: Security Plus
Thanks & Regards,
Dhaval Dikshit
10-05-2012 02:54 AM
Hi,
The ASA only supports one DHCP pool per interface. That pool can be only a network range of /24 = 255.255.255.0
I rarely use ASA5505 but I think on it you use different Vlan interfaces, not actual subinterfaces of the ports on the ASA.
Also the number of Vlans and Trunking is pretty limited on the ASA5505 compared to other models of the ASA.
So in other words I think you can create more VLan interfaces on the ASA5505 and apply them to Access Mode or Trunk ports BUT you can only have 1 DHCP pool per Vlan interface
EDIT: Typo with the network mask
- Jouni
10-05-2012 03:33 AM
Hi Jouni,
Thanks.
We are using nameif command foe inside and outside configuration. In that case how can I configure trunk port for differance inside (LAN) IP pools ?
Thanks & Regards,
Dhaval
10-08-2012 10:25 PM
Any suggestion?
Thanks & Regards,
Dhaval
10-09-2012 04:26 AM
Hi,
I don't have an ASA5505 at my disposal at the moment.
But i'd guess the configuration of the trunk is identical to a Cisco switch
I'm not sure about all the command formats.
The below should basicly configure OUTSIDE interface and 3 LAN interfaces and add those 3 Vlans to the trunk interface leading to your LAN switches. Each LAN Vlan interface also has its own DHCP pool.
Ofcoure the below configurations lacks alot of other configurations but it should be something like this with regarding to DHCP and interfaces on the ASA
interface Vlan2
description OUTSIDE
nameif outside
security-level 0
ip address x.x.x.x y.y.y.y
interface Vlan10
description LAN1
nameif lan1
security-level 100
ip add 10.10.10.1 255.255.255.0
interface Vlan20
description LAN2
nameif lan2
security-level 100
ip add 10.10.20.1 255.255.255.0
interface Vlan30
description LAN3
nameif lan3
security-level 100
ip add 10.10.30.1 255.255.255.0
same-security-traffic permit inter-interface
- Permits traffic between interfaces with same security-level
interface Ethernet0
description OUTSIDE
switchport mode access
switchport access vlan 2
interface Ethernet1
description LAN TRUNK
switchport mode trunk
swtichport trunk allowed vlan 10,20,30
dhcpd address 10.10.10.100-10.10.10.120 lan1
dhcpd dns x.x.x.x y.y.y.y
dhcpd enable lan1
dhcpd address 10.10.20.100-10.10.20.120 lan2
dhcpd dns x.x.x.x y.y.y.y
dhcpd enable lan2
dhcpd address 10.10.30.100-10.10.30.120 lan3
dhcpd dns x.x.x.x y.y.y.y
dhcpd enable lan3
- Jouni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide