Trunk port configuration on ASA

Answered Question
Aug 4th, 2008
User Badges:

Hi All,


Do i need to configure trunk configuration on ASA interface which is carrying multiple VLAN traffic ?


Thanks

Madan

Correct Answer by dhananjoy chowdhury about 8 years 11 months ago

Just leave the physical interface as it is

Your config steps would be something like this...


int e0/1

no shut


hostname(config)# interface ethernet0/1.1

hostname(config-subif)# vlan 100

hostname(config-subif)# nameif inside100

hostname(config-subif)# security-level 100

hostname(config-subif)# ip address 10.0.0.1 255.255.255.0


hostname(config)# interface ethernet0/1.2

hostname(config-subif)# vlan 200

hostname(config-subif)# nameif inside200

hostname(config-subif)# security-level 100

hostname(config-subif)# ip address 20.0.0.1 255.255.255.0


For more you can refer here

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/intrface.html#wp1044006



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
dhananjoy chowdhury Mon, 08/04/2008 - 11:07
User Badges:
  • Silver, 250 points or more

Hi,

On the ASA interface you need to create subinterfaces and put the VLAN id. And connect the physical port to the Trunk port on the switch.


Suppose if you are creating subinterfaces for interface e0/1 for vlans 100 and 200,


hostname(config)# interface ethernet0/1.1

hostname(config-subif)# vlan 100



hostname(config)# interface ethernet0/1.2

hostname(config-subif)# vlan 200

kr_madan Mon, 08/04/2008 - 11:26
User Badges:

What about the interface configuration

Interface e0/1 ?

Correct Answer
dhananjoy chowdhury Mon, 08/04/2008 - 11:30
User Badges:
  • Silver, 250 points or more

Just leave the physical interface as it is

Your config steps would be something like this...


int e0/1

no shut


hostname(config)# interface ethernet0/1.1

hostname(config-subif)# vlan 100

hostname(config-subif)# nameif inside100

hostname(config-subif)# security-level 100

hostname(config-subif)# ip address 10.0.0.1 255.255.255.0


hostname(config)# interface ethernet0/1.2

hostname(config-subif)# vlan 200

hostname(config-subif)# nameif inside200

hostname(config-subif)# security-level 100

hostname(config-subif)# ip address 20.0.0.1 255.255.255.0


For more you can refer here

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/intrface.html#wp1044006



Actions

This Discussion