Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
2
Replies

ASA5505 - VLANS vs. Ethernet Interfaces

chrismisztur
Level 1
Level 1

‎03-21-2007 09:47 AM - edited ‎03-11-2019 02:50 AM

I am in the process of configuring my ASA5505. I have the Security+ license. I am finding that I have no choice but to use VLANS and then switchport my E0/* interfaces. Is this true or can I somehow get around this setup and assign IPs and Names to E0/* interfaces w/o using VLANs?

Labels:
0 Helpful
2 Replies 2

astroman
Level 1
Level 1

‎03-23-2007 01:06 PM

You've got 20 VLAN's available w/ Security + (but you prob know that already)...

You can't get around using VLAN's on interfaces, from what I've experienced...

Any reason why you can't do w/ VLAN's and switchporting interfaces vs. assigning IP's/names to interfaces?

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080636f89.html

0 Helpful

chrismisztur
Level 1
Level 1
In response to astroman

‎03-23-2007 08:23 PM

20 really? thru asdm must be.

I have experienced the same thing. VLANS rule!

I guess my understanding of VLANS vs physical int's wasn't up to par but Magnus solved the puzzle

remove the following lines from the config:

nat (DMZ) 1 access-list WEB1

global (outside) 1 webserver_real

And add the following lines:

static (DMZ,outside) webserver_real 192.168.2.2 netmask 255.255.255.255

access-list ACLIN permit tcp any host webserver_real eq 80

I still don't get why the asa prefers the public IP over the NAT. Wait I get it. Public IP rules.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card