Using SubInterfaces with ASA 5510

Unanswered Question
Jun 17th, 2009

Dear All,

I have ASA 5510, and I want to use one Ethernet port of it as like sub-interfaces in which I want it to have two IPs.

Somebody told me that I can configure something called virtual zones !

consulting your expertise, how can I do this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
robertson.michael Wed, 06/17/2009 - 12:30


As Andrew mentioned, you probably want to setup subinterfaces like this:

interface GigabitEthernet0/2

no nameif

no security-level

no ip address


interface GigabitEthernet0/2.5

vlan 5

nameif admin

security-level 100

ip address


interface GigabitEthernet0/2.50

vlan 50

nameif sales

security-level 60

ip address


You can then treat the subinterfaces like regular interfaces (apply ACLs, NAT, etc.).

Hope that helps.



This Discussion