ā10-25-2012 08:06 AM - edited ā03-11-2019 05:14 PM
I was posed a question and am not sure of the answer.
Can you assigne separate zones to subinterfaces on the same intface with ZPF?
In other words, if I have 3 subinterfaces leaving one physical interface on a router, can I have 3 separate zones?
The rule states that there can be only one zone per interface, but is that physical, virtual, or either?
Thanks
ā10-25-2012 10:00 AM
Hello Dean,
Yes you can setup that ( one zone per sub-interface)
Regards,
Julio
ā02-28-2013 05:36 AM
Hi jcarvaja,
I have a similar question, but in another way:
I have 2 sub interface in a single physical interface.
If I set this PHYSICAL interface into a zone, will the zone policies be valid for all sub interfaces? Or do I have to explicitly set each sub interface to the same zone?
Thanks,
Leo.
ā02-28-2013 08:26 AM
You have to explicitly allocate each subinterface to a certain zone.
ā11-13-2019 01:51 AM
How is that done?
ā11-17-2019 12:09 AM
Create your zones:
zone security lan1 zone security lan2 zone security lan3 ...
On your sub interfaces:
!
interface GigabitEthernet0/1.1 zone-member security lan1 ! interface GigabitEthernet0/1.2 zone-member security lan2 ! interface GigabitEthernet0/1.3 zone-member security lan3 ! ...
Simples!
ā11-17-2019 04:47 AM
ā11-13-2019 01:52 AM
Can you provide more details or steps into how to achieve this/?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide