Solved: Removing Vlan from ASA

mahesh18 · ‎04-14-2014

Hi Everyone,

I need to remove vlan 20 from ASA 5520 which is in Active/Standby Mode.

Currently config from Active ASA

interface GigabitEthernet0/0.3
description Visitor
vlan 20
nameif dmz_visitor
security-level 4
ip address 192.168.50.1 255.255.255.0 standby 192.168.50.2

Regards

MAhesh

Marvin Rhoads · ‎04-14-2014

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

View solution in original post

Marvin Rhoads · ‎04-15-2014

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

View solution in original post

Marvin Rhoads · ‎04-14-2014

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

mahesh18 · ‎04-14-2014

Hi MArvin,

ASA is 5520 so it does not have int vlan 20.

Seems no int gi0/0.3 should remove everything including vlan 20 right?

Regards

MAhesh

Marvin Rhoads · ‎04-15-2014

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

mahesh18 · ‎04-15-2014

Many thanks Marvin.

Best Regards

MAhesh