I am working on ASA5510 which has 3 ethernet interfaces. I have allocated outside, inside, DMZ for each interface. But I want to configure two subnets on inside interface.
I found there are 4 physical ports in the ethernet interface. The light is on when I pluged a device into the fourth port, but I can't do anything on it. Is it possible to use this port?
If not, can we use management interface as a subnetwork interface? or use subinterface on inside interface?
If you have cco account for software download access load the latest version 8.2(1) [asa821-k8.bin] along with asdm version 6.2 (asdm-621.bin), even though is ED (early deployment) status I have been running it with no issues.
software download CCO login required
looked at asa811-smp-k8.bin code,this code is meant to be loaded on ASA5580-20 and ASA5580-40 models only based on software download description notes. You can try 8.0(2) asa802-k8.bin - this is release notes for 802 for reference http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html
in cd there shoudl be asdm image for 802 version as well, you will need asdm upgrade for 802... but if you have cco access download latest codes.
as usual when upgrading backup current code and asdm immage as well as your config to an tftp server, save the output of "show version" .
loading the imgage to disk0 should be fairly simple , you can do it through asdm gui or cli which is easier, keep in mind if done through cli to update boot statement and asdm statements accordingly to reflect new codes. If you need help let us know.
You have 0,1,2,3 ethernet ports plus manament port interface.
if you already allocated 0 as your outside interface and say the inside is on port 1 you could use dot1q and trunk it to your inside switch, have the subinterfaces in asa inside for your two inside subnets. The 1 or 0 ports can also operate at gig speed interfaces if your asa has sec plus license, if not sec plus license you can still do dot1q trunking.
Gig speed feature
As for the manangement port technically you can use this port as a routed port just like the other ports as long you remove management only command off that interface, but best is to leave it as management port for management purposes .. my recommendation is to take advantage of gig speed and use trunking for multiple subnets.