Interfaces on 5510

Unanswered Question
Dec 16th, 2008

OK im new and will be asking lots of questions, im a checkpoint guy but we are switching to cisc ASA :) so going to take me a min to get used to.... but we have a brand new out of box 5510, which has 5 interfaces plus the management interface so 6 total , but in CLI and ASDM i only see 4 total including the management Interface why is this???

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
jeremy_compass Tue, 12/16/2008 - 08:33

This is purely due to licensing. The default license only includes 3 interfaces and the management interface.

nefkensp Tue, 12/16/2008 - 11:00

If you need more interfaces in the future, you can buy a license upgrade to the plus license which enables you to the 5 interfaces (the first two becoming gigabit ethernet) and more vlan support.

Also active/passive and active/active failover becomes available with that license upgrade.

So, if need comes for more physical interfaces, you don't need to replace the box..

jmmartina Tue, 12/16/2008 - 11:03

ohh you knwo im sure we got the active/passive stuff but like i said first time im done ASA if i purchase a device are the license online or they already installed?

nefkensp Tue, 12/16/2008 - 12:53

If you issue the command

"show version"

on the asa, it shows you the license.

You can buy the license upgrade from a cisco partner. You will then receive a document with a product activation key (PAK) and a url. You just go to that url, enter the serial number of the ASA and the PAK and you'll receive a new authentication key (4 or 6 groups of hexadecimal numbers) which you can then enter in the asa to get the plus license.

The plus license is already installed in the

ASA5510-SEC-BUN-K9, but the ASA5510-BUN-K9 is just the base license. The license partnr is ASA5510-SEC-PL=

Kind regards

P-J Nefkens

jmmartina Thu, 12/18/2008 - 05:59

ok well the issue was i was putting in two paks cause it sorta ask for all you have. But i tried just one with one s/n and it worked thanks.

But all interfaces show except for one and im wondering if its the IPS module, as im not familiar. But if your looking at the back of the ASA its by it self to the left. then in middle there is management port then to right there the 4 int's. So does this port not show up in ASDM under Interfaces? or is this a version issue? I notice when i try to go to IPS in ASDM it says:

ASDM will make a new connection to the IPS software running on the ssm module in this ASA system. etc etc etc

Then it gives me two choices

1)Management Ip address 192.168.1.2

2) Other ip or host

not sure whats its looking for here

Farrukh Haroon Tue, 12/16/2008 - 22:23

All you need to do is upgrade your ASA 5510 to 7.2.x (or later). Starting with 7.2.x Cisco removed the 3+1 interface restriction on the 5510 Base License. Now you can use all five interfaces without any restriction.

Please rate if helpful.

Regards

Farrukh

jmmartina Thu, 12/18/2008 - 07:48

OK im at 8.0(4) and still only show eth0/0 - eth0/3 and the management port, the other port isn't showing up?? we did get the IPS is that the IPS port?

Farrukh Haroon Fri, 12/19/2008 - 21:21

Five interfaces means 4 Regular Interface (Fast Ethernet) + 1 Management Interface. You can remove the 'management-only' command from the management interface and use it like any other interface.

Furthermore, with latest ASA code you can use the first two interfaces of the ASA 5510 as Gigabit Eth. interfaces, all you need to do is put the appropriate 'speed' command under eth0 and eth 1.

Regards

Farrukh

Actions

This Discussion