cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
349
Views
4
Helpful
3
Replies
Beginner

Security levels on Subinterfaces on the Adaptive Security Appliance

Forum

I am working for a client today whom has a legacy ASA 5510 platform.  I am configuring sub interfaces on the interfaces on the appliance.

Do the subinterfaces that I create inheret the security level of the parent physical interface?  In other words, if I have G0/2 physical interface on the ASA set to a security level of 99, will all of the subinterfaces underneath of that physical interface inheret the security level configured on the physical interface?

 

Thank You!

 

 

3 REPLIES 3

Hello Kevin, On this case,

Hello Kevin,

 

On this case, once you have created the sub-interfaces you will have to get into each of them and add the security level, the physical interface won't inheret that configuration to the sub interfaces.

 

Let me know if you have another question!

 

Please don't forget to rate and mark as correct the helpful post!

 

Regards,

 

David Castro,

Highlighted
Beginner

Hi DavidSo does that mean

Hi David

So does that mean that I will have to not have a Security level on the physical? Is this like the IP address being on a subinterface and therefore IP's are not tacked up to the physical?

Also is it an option to have several sub-interfaces with the same security level of 100?  I ask this because these will all be inside interfaces for different  vlans...

 

Thank You!

Hall of Fame Guru

That's correct - the physical

That's correct - the physical parent interface does not have a nameif, IP address or security level (either explicit or derived).

Your subinterfaces can be any mix of security levels - all the same, all different or however you need.