Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
249
Views
0
Helpful
1
Replies

Requirement to use sub interfaces on ASA 5520 Firewall in failover config

arumugasamy
Level 1
Level 1

‎05-16-2007 04:02 AM - edited ‎03-11-2019 03:14 AM

Dear All,

i recently involved in one of the ASA 5520 firewall installation. We ordered the 2 firewall with limited 4 ports to support the client's exsiting 7 Networks.Now we have found the port shortage to support the said number of the interfaces (7). I configured the firewall in LAN fialover usign 1 ports exach from the bothe firewall. Now we have 3 ports in eaxh firewall to support 7 networks (I Internal ,1 Outside, 5 DMZs).

Please could u give the solution to configured the sub interfaces to solve the issue. Client already bought the AIP-SSM for the slot in free.

Thanks in Advance.

swami

Labels:
0 Helpful
1 Reply 1

cpembleton
Level 4
Level 4

‎05-16-2007 05:53 AM

If the DMZ interface is connected to a switch create sub-interfaces and setup the switch port for do1q trunking.

interface GigabitEthernet0/3

description DMZ Interface

speed 100

duplex full

no nameif

no security-level

no ip address

no shut

interface GigabitEthernet0/3.20

description DMZ Subnet 1

vlan 20

nameif DMZ1

security-level 50

ip address X.X.X.X X.X.X.X

interface GigabitEthernet0/3.30

description DMZ Subnet 2

vlan 30

nameif DMZ2

security-level 50

ip address X.X.X.X X.X.X.X

Thanks,

Chad

Please rate if helpful!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card