05-22-2013 01:00 PM - edited 03-11-2019 06:47 PM
I have a customer who needs a 5512-X set up with two ports on the "Outside" interface and act like a switch on the outside. This is very easy to do with the way the ASA 5505 works just by creating vlans and treating the ports as members of the vlan.
Can anyone tell me the easy way (I'm sure there is one) to do this?
Thanks in advance.
John
05-22-2013 01:08 PM
Hi,
I cant really think of a way to do this with a ASA that doesnt have a built in switch module. And the ASA5505 is really the only one at that.
First I was thinking of Redundant interfaces (where you connect 2 physical interfaces to a single logical interface) but in this setup the other physical interface is always Standby and not active.
I too have used the ASA5505 to do exactly what you are asking but I cant think of a way to do this on the other ASA models.
What is the setup you are trying achieve with this?
- Jouni
05-22-2013 01:11 PM
Hi Jouni,
I'm basically trying to avoid having to buy an outside switch. Trying to reduce moving parts and failure points (simpler is better).
I'd rather not set up another "interface" name and set to same security and allow all traffic due to the complications of NAT down the road, although I think technically it would work...
Thanks for your input.
05-22-2013 01:19 PM
Hmm,
I kinda wonder if using the ASA in Multiple Context mode with mixed Routed and Transparent Security Contexts would in some way enable to do what you are attempting to do? I think in the newer softwares you can actually create both transparent and routed contexts.
I have never tried this yet so I cant give you an answer at the moment.
But I cant think of anything else.
To me it seems that with Security Plus license on your model the ASA would support Security Contexts
- Jouni
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide