Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
9
Helpful
5
Replies

asa 5510 security context

itindia
Level 1
Level 1

‎02-25-2008 03:39 AM - edited ‎03-11-2019 05:08 AM

Would like to know the exact functionality of Security context in ASA.

I need to create some 30-35 vlan on subinterface of the firewall.

According to daga sheet ASA5510 with security plus licenses support only 25 Vlans.Is it the limit or something else.

Does that mean I cann't create 30-35 subinterfaces on ASA 5510 and assign them as diffrent vlan name?

Thanks in advance.

Reg,

sushil

Labels:
0 Helpful
5 Replies 5

Collin Clark
VIP Alumni
VIP Alumni

‎02-25-2008 03:53 AM

An ASA5510 will support 50 VLANS and with the Security Plus license 100. A Security Context is a virtual firewall not a VLAN, but they are usually used together. Here's a link for more info on Security Contexts:

http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

HTH

itindia
Level 1
Level 1
In response to Collin Clark

‎02-26-2008 12:19 AM

thanks for your reply.

I hve one doubt over the no. of vlans.

spec sheet says 25 vlans allowed.Is it per security context or something else.

moreover I need to create some 30-35 subinterfaces on single physical interface of my ASA 5510.Does this hold some limit to create subinterfaces and assigning to VLAN.

Reg,

Sushil

0 Helpful

Collin Clark
VIP Alumni
VIP Alumni
In response to itindia

‎02-26-2008 06:39 AM

Here's a link to the datasheet which shows 50 VLANs. What doc are you looking at? I don't think you will be able to create more VLAN interfaces than you're licensed for.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

itindia
Level 1
Level 1
In response to Collin Clark

‎02-26-2008 08:28 PM

Thanks I got it.

Here related to same want to freeze the right product for my customer.

Will create some 30 Vlans and will keep minimum 6 to 8 user in each of them.They will just browse the internet nothing else.

Question:

1. will 5510 will be able to solve the purpose on this much load or need to go with 5520?I will create vlans on ASA and trunk to L2 switch.

2. Will 2960 switch with 48 port can fulfill my requirement?and after each port on switch can i use small switches of 8 or 16 port for individual Vlan users.

Reg,

Sushil

0 Helpful

Collin Clark
VIP Alumni
VIP Alumni
In response to itindia

‎02-27-2008 06:03 AM

Do you really need to segment your users? Can you use a layer 3 to do it? A 2960 can trunk just fine, so it would work that purpose.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card