cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
18705
Views
0
Helpful
4
Replies

How Many Vlans asa 5505 security plus support

ThomasMull9000
Level 1
Level 1

Hello Guys. i have asa 5505 adaptive security plus. and  i have only 3 vlans . outside , inside , DMZ restricted.

so it's working fine but i want to connect to my inside another private network,  so please can any one help me here . or do  i need to buy License.

and how i can activate the license key

Thank you very much

1 Accepted Solution

Accepted Solutions

Here is the explaination since i do not have idea about your topology.

Licensed features for this platform:

Maximum Physical Interfaces : 8        

VLANs                       : 3, DMZ Restricted

Inside Hosts                :10

Failover                    : Disabled

VPN-DES                     : Enabled  

VPN-3DES-AES                : Enabled  

VPN Peers                   : 10       

WebVPN Peers                : 2        

Dual ISPs                   : Disabled 

VLAN Trunk Ports            : 0        

This platform has a Base license.

Here is an example of the Security Plus License feature set:

Licensed features for this platform:
Maximum Physical Interfaces : 8        
VLANs                       : 20, DMZ Unrestricted
Inside Hosts                : Unlimited
Failover                    : Active/Standby
VPN-DES                     : Enabled  
VPN-3DES-AES                : Enabled  
VPN Peers                   : 25       
WebVPN Peers                : 2        
Dual ISPs                   : Enabled  
VLAN Trunk Ports            : 8        

This platform has an ASA 5505 Security Plus license.

Not explaination for DMZ restricted.

  • Only 10 hosts from the DMZ and LAN combined may communicated with the Outside interface at any one time.  
  • Only 2 fully-functional VLANs (inside and outside usually) are permitted.  The 3rd VLAN, typically a DMZ can only be activated with the "no forward vlan n" command which prevents it from initiated connections to one of the other VLANs, usually the inside

Just incase if yours is base then putting servers in inside zone connections from dmz wont allow. If you have security plus then should not be any issue . As you have mentioned about vlan IP ranges if all are part of inside then communicating with outside should not be an issue.

Thanks

Ajay

View solution in original post

4 Replies 4

ajay chauhan
Level 7
Level 7

hostname# show activation-key

This command will tell you what you have. Security plus support 20 vlans so should not be any issue.

so it's working fine but i want to connect to my inside another private network <<< Not very clear to understand what you are going to do. adding another vlan interface or just routers switches somewhere fall in inside network ?

Thanks

Ajay

Thank You Ajay.

i have 5 different private networks . and they are 192.168.1.x 192.168.2.x 192.168.3.x 192.168.4.x 192.168.5.x

. can i route all this for outside interface .

Thank you

Here is the explaination since i do not have idea about your topology.

Licensed features for this platform:

Maximum Physical Interfaces : 8        

VLANs                       : 3, DMZ Restricted

Inside Hosts                :10

Failover                    : Disabled

VPN-DES                     : Enabled  

VPN-3DES-AES                : Enabled  

VPN Peers                   : 10       

WebVPN Peers                : 2        

Dual ISPs                   : Disabled 

VLAN Trunk Ports            : 0        

This platform has a Base license.

Here is an example of the Security Plus License feature set:

Licensed features for this platform:
Maximum Physical Interfaces : 8        
VLANs                       : 20, DMZ Unrestricted
Inside Hosts                : Unlimited
Failover                    : Active/Standby
VPN-DES                     : Enabled  
VPN-3DES-AES                : Enabled  
VPN Peers                   : 25       
WebVPN Peers                : 2        
Dual ISPs                   : Enabled  
VLAN Trunk Ports            : 8        

This platform has an ASA 5505 Security Plus license.

Not explaination for DMZ restricted.

  • Only 10 hosts from the DMZ and LAN combined may communicated with the Outside interface at any one time.  
  • Only 2 fully-functional VLANs (inside and outside usually) are permitted.  The 3rd VLAN, typically a DMZ can only be activated with the "no forward vlan n" command which prevents it from initiated connections to one of the other VLANs, usually the inside

Just incase if yours is base then putting servers in inside zone connections from dmz wont allow. If you have security plus then should not be any issue . As you have mentioned about vlan IP ranges if all are part of inside then communicating with outside should not be an issue.

Thanks

Ajay

Thankl You Very Much Ajay. This is what i was looking for Great Information

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: