cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
401
Views
0
Helpful
4
Replies

ASA VLAN Question

f00f1ter
Level 1
Level 1

When I configure subinterfaces on an ASA, how does the security level of the physical interface interact with the security levels of the subinterfaces? Can I make the subinterfaces security levels different from the security level of the physical interface and how is this handled?

TIA

4 Replies 4

Hi,

Every subinterface may have an own security level; sure you may have different security level for every interface.

I hope this helps.

Best regards.

Massimiliano.

Thank you for your reply, Massimiliano. Does the security level of the physical interface affect the subinterfaces in any way?

Thanks

No, it does not, when you set the security levels for sub interfaces, it does not have any interaction with the security level set on the physical interfaces. Routing is not possible between these interfaces unless you want this to happen then you use a certain command in the ios, if you need this command let me know and i will point you in right direction.

No,the security level of physical interface shouldn't affect the security level of sub-interfaces.

interface Ethernet0

nameif outside

security-level 0

no ip address

pixfirewall(config-if)# show run int e0.1

!

interface Ethernet0.1

vlan 2

nameif vlan2

security-level 25

no ip address

pixfirewall(config-if)# show nameif

Interface Name Security

Ethernet0 outside 0

Ethernet0.1 vlan2 25

HTH

Sundar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: