cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
242
Views
0
Helpful
1
Replies

Requirement to use sub interfaces on ASA 5520 Firewall in failover config

arumugasamy
Level 1
Level 1

Dear All,

i recently involved in one of the ASA 5520 firewall installation. We ordered the 2 firewall with limited 4 ports to support the client's exsiting 7 Networks.Now we have found the port shortage to support the said number of the interfaces (7). I configured the firewall in LAN fialover usign 1 ports exach from the bothe firewall. Now we have 3 ports in eaxh firewall to support 7 networks (I Internal ,1 Outside, 5 DMZs).

Please could u give the solution to configured the sub interfaces to solve the issue. Client already bought the AIP-SSM for the slot in free.

Thanks in Advance.

swami

1 Reply 1

cpembleton
Level 4
Level 4

If the DMZ interface is connected to a switch create sub-interfaces and setup the switch port for do1q trunking.

interface GigabitEthernet0/3

description DMZ Interface

speed 100

duplex full

no nameif

no security-level

no ip address

no shut

interface GigabitEthernet0/3.20

description DMZ Subnet 1

vlan 20

nameif DMZ1

security-level 50

ip address X.X.X.X X.X.X.X

interface GigabitEthernet0/3.30

description DMZ Subnet 2

vlan 30

nameif DMZ2

security-level 50

ip address X.X.X.X X.X.X.X

Thanks,

Chad

Please rate if helpful!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: