Pix 515e V7, maximum Vlans in transparent mode?

noc · ‎09-02-2009

Hi,

I'm running 7.2 on a pix 515e restricted licence.

The firewall is set to transparent mode.

Licencing states the following

Licensed features for this platform:

Maximum Physical Interfaces : 3

Maximum VLANs : 10

Inside Hosts : Unlimited

Failover : Disabled

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Cut-through Proxy : Enabled

Guards : Enabled

URL Filtering : Enabled

Security Contexts : 0

GTP/GPRS : Disabled

VPN Peers : Unlimited

I have 8 vlans I want to trunk on the eth0 interface, but when I create subinterfaces and attempt to name them, I get this message after three vlans.

pixfirewall(config)# interface ethernet 0.2000

pixfirewall(config-subif)# nameif test1

ERROR: Maximum number of interfaces already configured.

In Nat mode, the feature appears to work as intended.

Is transparent mode counting the logical sub interfaces as a physical interface and stopping me at three?

Any help would be appreciated.

Regards,

-D.

Collin Clark · ‎09-02-2009

In transparent firewall mode, you can configure two active VLANs in the Base license and three active VLANs in the Security Plus license, one of which must be for failover.

In routed mode, you can configure up to three active VLANs with the Base license, and up to 20 active VLANs with the Security Plus license.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/ifcs5505.html#wp1056478

Hope that helps.